[Samba] Migrating from 3.0.7 to 3.0.23c problems
Gary Martin
gmartin at overtons.com
Mon Feb 12 20:01:10 GMT 2007
The samba logs didn't contain anything interesting or pertinent. Here
is my smb.conf:
[global]
smb ports = 445 139
workgroup = MyDomain
netbios name = MyName
server string = Samba Server
passdb backend = tdbsam
domain logons = Yes
os level = 65
local master = Yes
preferred master = Yes
domain master = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
log file = /var/log/samba/%m.log
max log size = 50
security = user
password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
passwd program = /usr/bin/passwd --stdin %u
passwd chat = *password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
wins support = Yes
add user script = /usr/sbin/useradd -m -s /sbin/nologin %
u; /usr/sbin/usermod -L %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /sbin/nologin -d /dev/null
-g machines -M %u; /usr/sbin/usermod -L %u
logon script = %G.bat
remote announce = 10.2.0.0
use client driver = Yes
logon drive =
logon home =
logon path =
veto oplock files = /*.iso/'
hide unreadable = yes
admin users = +groupname
Thanks,
Gary
On Fri, 2007-02-09 at 12:26 -0200, Felipe Augusto van de Wiel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/08/2007 05:03 PM, Gary Martin wrote:
> > We built a new server running Samba 3.0.23c and configured it to replace
> > our corporate PDC that was running Samba 3.0.7. The PDC uses tdbsam and
> > has the "admin users" directive defined. All user accounts were copied
> > to the new server. Using the output of "net groupmap list" from the old
> > server we mapped the windows accounts and SIDs to their unix group
> > counterparts on the new server. When we started using the new server we
> > experienced some problems, users could log in to the domain and access
> > samba shares but not could not access windows shares on the domain.
> > Also our Domain Admins had a uid of 0 as expected but could not perform
> > administrative duties on pc domain members. We downgraded the system to
> > samba version 3.0.21b and got it running properly performing the same
> > steps. We would still like to upgrade to 3.0.24 though. Does anybody
> > have an idea of what went wrong with our upgrade? Can anyone offer tips
> > or instructions on how to upgrade from 3.0.21b to 3.0.24?
>
> Did you check the Release Notes and WHATSNEW? There are
> a few changes between 3.0.21 and 3.0.24 that impacts the way that
> groups are handled.
>
> In our setup, we add users in Domain Admins group and
> that's enough to let them do administrative tasks on the clients,
> we also did the 'net rpc rights' to the Domain Admins group,
> considering that, we don't need 0-uid users.
>
> After 3.0.8 and 3.0.14 there are some changes in the
> way groups are handled and also other important changes on how
> Samba checks permissions and control access.
>
> Perhaps you could post your smb.conf and some logs so
> we can try to help you find out what are the missing points.
>
>
> > Thanks,
> > Gary
>
> Kind regards,
>
> - --
> Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
> http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFFzIR7Cj65ZxU4gPQRAqN+AJ9dz4YVUGC26fH5AIdhv4ihHCZywgCgmlRk
> cKsOiviZYgwC/aAf7UJ4MII=
> =Vr4+
> -----END PGP SIGNATURE-----
More information about the samba
mailing list