[Samba] Samba Domain Member Server -- tdbsam/winbind/idmap_rid --
file ownership ?
Chris Hall
chris.hall at halldom.com
Sat Feb 10 12:45:52 GMT 2007
Following myself up...
On Fri, 9 Feb 2007 Chris Hall <chris.hall at halldom.com> wrote
>
>I have just struggled to implement a Samba Domain Server, and have some
>remaining issues.
>
>I have a Samba PDC using tdbsam, managing a domain called RHEA.
>
>I have (finally) configured a new Samba Domain Server (AUREUS) using
>winbind and idmap_rid.
>
>When I am logged in to RHEA as user GMCH I can access a TMP share on
>AUREUS (at last).
>
>Running 'getent passwd' I get (inter alia):
>
> RHEA\gmch:*:12000:10513:....
>
>and 'getent group' gives:
>
> RHEA\domain users:*:1053:RHEA\gmch:...
>
>When I create files on TMP I find that they are owned by 'root' and in
>the group 'RHEA\domain users', eg:
>
> -rwxr--r-- 1 root RHEA\domain users 8 Feb 8 20:29 Hello Samba
>
>The group is fine.
>
>QUESTION: why is the file owner not RHEA\gmch ?
>
>I note that 'RHEA\gmch' and 'RHEA\domain users' are apparently disabled
>as far as getent can see -- so I suppose that's what winbindd is
>telling it. Is this the problem ?
I have told the pam set up to use winbindd. No change.
I note that I can chown 'RHEA\gmch', but I cannot su 'RHEA\gmch' (su
just quietly fails, and I stay as root).
If I put 'force user = RHEA\gmch' into a [TMP] share, the share becomes
unusable !
What am I missing ?? Am I expecting too much ? [Though given that I
can chown to RHEA\gmch, I'd have thought that samba could ??]
Chris
--
Chris Hall
More information about the samba
mailing list