[Samba] samba as a domain member

MJBarber at Hearst.com MJBarber at Hearst.com
Thu Mar 2 14:35:25 GMT 2006


The correct path is whatever is correct to you... The %D is not necessary,
the %U is - as it designates the user.

Tail your /var/log/messages file as you attempt to connect (ensure logging
set to at least 2 or 3 in smb.conf)...this will tell you if it is a path
error or a permissions error.  The Windows errors are not that helpful.  


To look at a home directory with /home/%D/%U try to connect with
\\server\username

The same is for /home/%U you connect with \\server\username

Good luck,
MJ Barber


-----Original Message-----
From: samba-bounces+mjbarber=hearst.com at lists.samba.org
[mailto:samba-bounces+mjbarber=hearst.com at lists.samba.org] On Behalf Of
Guillermo Gutierrez
Sent: Thursday, March 02, 2006 8:50 AM
To: samba at lists.samba.org
Subject: RE: [Samba] samba as a domain member

a little more info on this, I can see the user's home directory via
\\Solidus in explorer, but when I try to enter it I get a message saying
that I dont have permission to access the folder or it doesn't exist and
below that it says that the network location doesn't exist.

I wonder, what is the correct syntax for the path to the users home folder
in smb.conf? I have seen it specified as path=/home/%D/%U and I have seen
some smb.conf files where it is not specified at all.

p.s. I did setup pam.d/system-auth to use the pam_mkhomedir.so module.

-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com at lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com at lists.samba.org]On
Behalf Of Guillermo Gutierrez
Sent: Wednesday, March 01, 2006 5:05 PM
To: samba at lists.samba.org
Subject: FW: [Samba] samba as a domain member


whoops, forgot to copy the list on it. sorry.
 
Well, an update. I can log in to the console using any domain profiles,
but, I can not access the exposed home directory through NetBeui (My
Network Places/Network Neighborhood). 
 
Also, how should I configure /etc/pam.d/sshd to allow  domain users to
authenticate and logon through an ssh client (PuTTY?, OpenSSH?)
 
-----Original Message-----
From: Guillermo Gutierrez
Sent: Wednesday, March 01, 2006 12:47 PM
To: 'David Shapiro'
Subject: RE: [Samba] samba as a domain member


yes, getent passwd returns users and what appears to be machine names as
well. 
wbinfo -u returns user info and computer info.
wbinfo -g returns domain groups .
 
Since I sent this email a couple of things changed. the above commands no
longer display the domain as part of the info.
I cannot get into my home directory which is shared but with a valid user
of "valid users = %S" in the smb.conf.

-----Original Message-----
From: David Shapiro [mailto:David.Shapiro at bcbsnc.com]
Sent: Wednesday, March 01, 2006 12:32 PM
To: Guillermo Gutierrez
Subject: Re: [Samba] samba as a domain member


Is the getent passwd returning users?  Does wbinfo -u and wbinfo -g return
users and groups? 
 
David
 
David Shapiro
Unix Team Lead
919-765-2011

>>> "Guillermo Gutierrez" <ggutierrez at marketscan.com> 3/1/2006 1:09:26 PM
>>>

Hello,
I am new to this list but I have been learning to use linux/bsd and samba
for the past year. so far I have been able to learn enough on my own to be
able to successfully set up a functional samba server on FreeBSD and
Gentoo Linux boxes. I am trying to learn how to integrate them into an
Active Directory windows 2003 server domain. So far I have verified that
Kerberos and ldap and winbind (I think) are functioning correctly. I am
able to do a 'kinit administrator at DOMAIN.COM' command and not get a
failure.
I am able to see all of the groups and users/systems in the domain from
getent commands.

My problem is that I cant access samba shares when permissions are set
using domain users.
I can access the /home/samba/public share is I DON'T specify a 'valid
users =' line in the smb.conf file, but not the other way around.

Here is what my smb.conf file looks like:

# Samba config file created using SWAT
# from 10.11.7.56 (10.11.7.56)
# Date: 2006/03/01 09:45:11

[global]
        workgroup = MARKETSCAN
        realm = MARKETSCAN.COM
        server string = %h Samba Server
        interfaces = lo, eth0
        bind interfaces only = Yes
        security = ADS
        auth methods = winbind
        password server = nostradmus, nostradamus_ii, nostradamus_cam
        log file = /var/log/samba/log.%m
        socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
        load printers = No
        preferred master = No
        dns proxy = No
        wins proxy = No
        wins server = 10.11.3.198
        ldap ssl = no
        passdb expand explicit = No
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template shell = /bin/bash
        winbind separator = max log size = 50
        winbind use default domain = Yes

[public]
        comment = %h Public Share
        path = /home/samba/public
        read only = No
        force create mode = 0777
        force directory mode = 0777
        guest ok = Yes

[homes]
        comment = Home Directory for %U
        path = /home/%D/%U
        valid users = %S
        read only = No
        force create mode = 0777
        force directory mode = 0777
        browseable = No

I would greatly appreciate any help.

thanks,

Guillermo Gutierrez
Development Systems Engineer
Market Scan Information Systems
(818) 575-2000 x2427
ggutierrez at marketscan.com

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


More information about the samba mailing list