[Samba] Samba 3.0.23b Available for Download

Hansjörg Maurer hansjoerg.maurer at dlr.de
Wed Aug 9 17:06:43 GMT 2006


Hi




>
> >Is it possible to make this work again with 3.0.23b?
> >(I know that the zero uid and gid range might be
> >brain damaged, but with this settings it works fine on
> >both sides)
>
>
> This should still work.  Although you should be able
> to simply not define the idmap uid/gid range at all.  But
> you will need to run winbindd. Not that you will need
> to fully qualify all domain users and groups in smb.conf
> still.
>
I tried it again with winbind running and the idmap section commented out
In the smb.conf file we have no reference for certain groups/users
See below

> Did you update the libnss_winbind.so as part of your
> upgrade ?
>
yes

Just for clarification..
We have all users in both databases (nis  and AD)
with the same Username.
The unix system with the samba server only uses NIS (no nss/pam winbind).
as nameservice for users and groups.
With 3.0.21b and the setting below,
the owner of a file on the unix filesystem (USER1)
shows up in the windows security automatically as
DOM\USER1
Now with 3.0.23b is shown as the SID-RID String
The SID ist the SID of the Samba Server, the RID is 2 * uid + 1000
which is not the sid of the domainuser but the mapped SID of winbind...
Therfore the Security dialog cant resolve it.


Why do I need libnss_winbind.so?

Thank you

Hansjerg




 

[global]
        workgroup = DOM
        realm = REALM
        netbios name = ftpserver
        server string = RM-FTP-Server
        interfaces = 127.0.0.1, eth0
        bind interfaces only = Yes
        security = ADS
        password server = XXX
        username map = /etc/samba/smbusers
        log level = 1
        syslog = 0
        log file = /var/log/samba/log.%m
           os level = 25
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        wins server = XXX
        utmp = Yes
        #idmap uid = 10000-10000
        #idmap gid = 10000-10000
        winbind use default domain = Yes
        winbind trusted domains only = Yes
        create mask = 0664
        directory mask = 0775
        hide dot files = No
        map archive = No
        dont descend = lost+found
        load printers= no
        printing = bsd
        printcap name = /dev/null


[ftp]
        path = /home_local/ftp
        comment = FTP-Share
        browseable = yes
        writeable = yes
        force create mode = 0664

>
>
>
>
> cheers, jerry
> =====================================================================
> Samba                                    ------- http://www.samba.org
> Centeris                         -----------  http://www.centeris.com
> "What man is a man who does not make the world better?"      --Balian



More information about the samba mailing list