[Samba] Share Access

Gary Dale garydale at torfree.net
Sat May 6 03:10:29 GMT 2006 

If you did the smbpasswd -a, then I would expect they would be mapped. 
However, you are having a problem that looks like a mapping issue. 
However, it could also be that the accounts have not been enabled.

Personally, I find it easier to add user accounts using SWAT. If your 
scripts are set up properly, it's all you need to do. I'm a little leery 
about getting too deep into the nuts and bolts by doing everything 
manually. It's too easy to miss a step or get the order wrong. I prefer 
to use the simple tools unless I have a good reason not to.  :)  When I 
use SWAT to set up the users, things work.

I believe you can also use the Windows domain account tools if you have 
them available.


Donald W Watson wrote:

> If the samba users were created with "useradd" and "smbpasswd" aren't 
> they already mapped?
>
> Sincerely, Don Watson
> Linux Technology and Solutions; Beaverton, OR
> 503-578-4861/TL: 775-4861; dwatson at us.ibm.com
> Inactive hide details for Gary Dale <garydale at torfree.net>Gary Dale 
> <garydale at torfree.net>
>
>
>                         *Gary Dale <garydale at torfree.net>*
>
>                         05/05/2006 09:51 AM
>                         Please respond to
>                         gary
>
> 	
>
> To
> 	
> Donald W Watson/Beaverton/IBM at IBMUS
>
> cc
> 	
> samba at lists.samba.org
>
> Subject
> 	
> Re: [Samba] Share Access
>
> 	
>
>
> In order for a Windows client to gain access to a share, it needs to
> authenticate with a Windows user id. This id should map, either directly
> or through group membership, to something your Linux/Unix box can
> handle. Samba is able to handle the share mounting because it doesn't
> need to access the Linux/Unix file system. However, once you start
> getting at the files, those permissions are handled by Linux/Unix.
> Therefore you need Linux/Unix access to the files. This means the id
> that Windows is using has to map to a Linux/Unix account (or an
> appropriate group mapping needs to exist).
>
> Try installing / activating SWAT on your server. This makes
> administration easy. Next, create your two users in SWAT and activate
> them. I believe SWAT is smart enough to match the user names to the
> existing Linux/Unix user names. Otherwise you may have to use some of
> the command-line programs to do the mapping.
>
>
> Donald W Watson wrote:
>
> > Gary, thanks for the reply. However, I still don't understand.
> >
> > On the linux server, user1 is user 500 and user2 is user 501. There
> > are no corresponding user id's on the linux client, and the client is
> > not a member of the domain, but writing to the share file works when
> > the share is mounted by user1.
> >
> > On the windows client, there are no corresponding local users, but the
> > machine is a member of the samba domain; however, I still cannot write
> > to the share file when the connection is made by user1.
> >
> > Sincerely, Don Watson
> > Linux Technology and Solutions; Beaverton, OR
> > 503-578-4861/TL: 775-4861; dwatson at us.ibm.com
> > Inactive hide details for Gary Dale <garydale at torfree.net>Gary Dale
> > <garydale at torfree.net>
> >
> >
> >                         *Gary Dale <garydale at torfree.net>*
> >
> >                         05/04/2006 08:37 PM
> >                         Please respond to
> >                         gary
> >
> >
> >
> > To
> >
> > Donald W Watson/Beaverton/IBM at IBMUS
> >
> > cc
> >
> > samba at lists.samba.org
> >
> > Subject
> >
> > Re: [Samba] Share Access
> >
> >
> >
> >
> > The Linux case is easy. You are using Linux /Unix user names. When you
> > attempt to connect from Windows however, you are using a Windows user
> > name. This needs to map to a Linux / Unix user name.
> >
> > It's more common to use group privileges on shares with Windows, so
> > putting your Windows users in groups and mapping them to Linux / Unix
> > groups would also work.
> >
> >
> >
> > Donald W Watson wrote:
> >
> > >
> > >
> > >Could someone help me understand if what I'm seeing with share 
> access is
> > >correct?
> > >
> > >On my samba domain I have two users (user1 and user2) and one 
> share; the
> > >share has attribute "writelist = user1".
> > >
> > >On a linux machine I:
> > >   mount the share with "mount -t cifs -o username=user1"
> > >   successfully open a  file in the share for writing with the perl
> > "open"
> > >   function
> > >   close the file
> > >   umount the share
> > >   mount the share with "mount -t cifs -o username=user2"
> > >   unsuccessfully attempt to open a file in the share for writing
> > with the
> > >   perl "open" function
> > >   umount the share
> > >This is, I think, as expected.
> > >
> > >However, on Windows2003, I:
> > >   connect the share as user1
> > >   unsuccessfully attempt to open the file for writing with vim
> > >This seems inconsistent with the results on linux, and not what I
> > expected.
> > >
> > >Am I misinterpreting the expected results?  Thanks for any responses.
> > >
> > >Sincerely,    Don Watson
> > >Linux Technology and Solutions; Beaverton, OR
> > >503-578-4861/TL: 775-4861; dwatson at us.ibm.com
> > >  
> > >
> >
> >
>
>

More information about the samba mailing list