[Samba] help needed: connecting with similar windows-unix usernames?

Gary Dale garydale at torfree.net
Wed May 24 11:41:52 GMT 2006 

You need to establish your Solaris box as a member server in the W2K3 
domain. SWAT has a wizard for that which will create the appropriate 
smb.conf. When you do this, the W2K3 domain controller will be used for 
authentication.

The accounts and/or groups need to map between the two boxes. Your 
Solaris box works using Unix priviliges at the file level. Therefore 
your Windows users need to be in appropriate Unix groups to access the 
shares. A simple way of handling this is to ensure that "Domain Users" 
maps to a local Unix such as "pcgis" (if that is a local group) that has 
access to the shares.


Amit Zvigoren wrote:

>Hello all samba'ers
> 
> 
>I'm trying to configure samba for Windows (active-directory)
>authentication, with every Windows-user having a similar unix username.
>I've created the users in both sides but I couldn't configure the
>smb.conf file (either with or without SWAT) to make it work.
> 
>I'm using XP clients with a Win2K3 as the domain server and Solaris 9 as
>the samba server.
> 
>Everything works fine when I use the 'security = share' option so I
>believe the physical connection is ok.
> 
> 
>1. Do I actually need to use 'security = user', or should I use
>'security = server"?
>2. I've created the smbpasswd(5) file and edited it with smbpasswd(8),
>and synchronized users+passwords with the relevant ones at /etc/passwd
>and /etc/shadow. Do I actually need the smbpasswd(5)?
>3. Is it feasible without using winbind?
>4. Does any of you have some smb.conf sample for connecting using
>similar windows-unix usernames?
>5. Do I need to use the 'username map' option even if the usernames are
>similar?
> 
> 
>Here is a part of the [global] section at my smb.conf, each line
>suffiixed (here, not actually in the file itself) with my description:
>[global]
>workgroup = GIS                    ' windows workgroup to 'contain' the
>samba server
>null passwords = yes              ' preferred, not a must
>valid users = minhal, +pcgis    ' pcgis is a group on unix. am I right?
>or does this parameter meant to be for windows groups?
>write list = minhal                  ' this user should have
>write-permission on shared directories regardless of their mode
> 
>Here is another section of my smb.conf for defining a samba share:
>[home1]
>path = /home1
>read only = no
>guest ok = yes     ' not necessary, just for the test
> 
> 
>Now what am I missing? what have I done wrong?
> 
> 
> 
>Thanks and regards,
> 
>Amit Zvigoren
>Systematics Technologies
> 
>  
>

More information about the samba mailing list