[Samba] Owner/Permissions and winbind

Mostro Mostro mostro713 at gmail.com
Tue Mar 13 22:11:08 GMT 2007 

On 3/13/07, Marc Muehlfeld <Marc.Muehlfeld at medizinische-genetik.de> wrote:
>
> Hello,
>
> I have two Samba Domains and each trust each other (PDCs run 3.0.22). Also
> I have a samba member server (3.0.24) that runs winbind. When I use wbinfo
> I can see the user and groups of both domains. I also can chown/chgrp
> files with users of the domain the server is member of. But I can`t
> chown/chgrp with accounts of the trusted domain. chown doesn`t work at
> all. chgrp works, but then only the gid (from winbind) is shown:
>
>
> # chown "TRUSTDOM+muehlfeld" file.txt
> chown: `TRUSTDOM+muehlfeld': invalid user
>
> # chgrp "TRUSTDOM+group" file.txt
> # ls -la file.txt
> -rw-r--r--  1 root 10051 0 Mar  8 12:32 file.txt
>
>
> I also have a Win2003r2 Member Server. When I add rights to a file for a
> user of the trusted domain, I see the name. But when I close the window
> and then open it again, the name of the user/group changed into the SID.
>
>
> So I guess it`s a problem or misconfiguration from the two PDCs, and not
> of the member servers.
>
>
> This are my winbind settings:
>
>         idmap backend = ldap:ldap://192.168.29.4
>         idmap uid = 10000-20000
>         idmap gid = 10000-20000
>         winbind separator = +
>         winbind enum users = yes
>         winbind enum groups = yes
>         template homedir = /home/%U
>         template shell = /bin/false
>         winbind nested groups = yes
>         winbind cache time = 300
>         winbind nss info = template
>         winbind use default domain = yes
>         winbind trusted domains only = yes
>
>
> Any idea what could be wrong?
>
>
> Also one more question: Any plans, when winbind on a PDC could handle
> local users and from the trusted domains?
>
>
> Best regards
> Marc Muehlfeld
>
>
> --
> Marc Muehlfeld
> Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost
> Lochhamer Str. 29 - D-82152 Martinsried
> Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78
> http://www.medizinische-genetik.de


I am witnessing the same thing. Are you seeing core dumps in
/var/log/messages?

####################

Hi all,
>
> smbd -V:   Version 3.0.23d-19.2-1179-SUSE-SL10.2
>
> I'm seeing a core dump in /var/log/messages when trying to access the
> security tab from Windows when I have Active Directory users and groups
> assigned to the Linux file system.
>
> I can replicate this each time by doing the following.
>
> Change the permissions on the Linux directory I have specified as a share
> in smb.conf.
>
> ls -ltr /dir/
> drwxrwxrwx  2 root                  users                     4096
> 2007-03-10 09:17 shared
>
> With these setting I can access the security tab from Windows without
> seeing any errors in the messages log.
>
> Permissions from the security tab show up as:
>
> Everyone
> root (Unix User\root)
> users (Unix Group\users)
>
> Now, I change permissions on the file system to:
>
>  chown -R "DOMAIN\administrator" shared/ && chgrp -R "DOMAIN\domain users"
> shared/
>
> ls -ltr /dir/
> drwxrwxrwx  2 DOMAIN\administrator DOMAIN\domain users  4096 2007-03-10
> 09:17 shared
>
> Next, go back to access the security tab on the share while tailing the
> messages log. I receive this:
>
> The log below doesn't get created until I click on the security tab.
>
> [2007/03/10 10
>   ===============================================================
>  [2007/03/10 10
>   INTERNAL ERROR
>   Please read the Trouble-Shooting section of the Samba3-HOWTO
>  [2007/03/10 10
>
>   From
>  [2007/03/10 10
>   ===============================================================
>  [2007/03/10 10
>   PANIC (pid 13523)
>  [2007/03/10 10
>   BACKTRACE
>    #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x8021661d]
>    #1 /usr/sbin/smbd(smb_panic+0x5d) [0x8021674d]
>    #2 /usr/sbin/smbd [0x8020250a]
>    #3 [0xb7f9a420]
>    #4 /lib/libc.so.6(abort+0x101) [0xb7af8801]
>    #5 /usr/sbin/smbd [0x8021c9f6]
>    #6 /usr/sbin/smbd(talloc_steal+0x3a) [0x8021cbca]
>    #7 /usr/sbin/smbd(lookup_sids+0x3aa) [0x801d3bca]
>    #8 /usr/sbin/smbd [0x80106dc1]
>    #9 /usr/sbin/smbd(_lsa_lookup_sids2+0x12d) [0x8010741d]
>    #10 /usr/sbin/smbd [0x80103621]
>    #11 /usr/sbin/smbd(api_rpcTNP+0x198) [0x80160ae8]
>    #12 /usr/sbin/smbd(api_pipe_request+0x19e) [0x8016113e]
>    #13 /usr/sbin/smbd [0x8015cbcf]
>    #14 /usr/sbin/smbd [0x8015d10c]
>    #15 /usr/sbin/smbd(write_to_pipe+0x6e) [0x8015b93e]
>    #16 /usr/sbin/smbd [0x8005ee81]
>    #17 /usr/sbin/smbd [0x8005f3b6]
>    #18 /usr/sbin/smbd(reply_trans+0x5e0) [0x8005fcc0]
>    #19 /usr/sbin/smbd [0x800b3d40]
>    #20 /usr/sbin/smbd(smbd_process+0x78b) [0x800b4e3b]
>    #21 /usr/sbin/smbd(main+0xbd0) [0x802bebf0]
>    #22 /lib/libc.so.6(__libc_start_main+0xdc) [0xb7ae3f9c]
>    #23 /usr/sbin/smbd [0x80042d91]
>  [2007/03/10 10
>   unable to change to /var/log/samba/cores/smbdrefusing to dump core
>  [2007/03/10 10
>   ===============================================================
>  [2007/03/10 10
>   INTERNAL ERROR
>   Please read the Trouble-Shooting section of the Samba3-HOWTO
>  [2007/03/10 10
>
>   From
>  [2007/03/10 10
>   ===============================================================
>  [2007/03/10 10
>   PANIC (pid 13524)
>  [2007/03/10 10
>   BACKTRACE
>    #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x8021661d]
>    #1 /usr/sbin/smbd(smb_panic+0x5d) [0x8021674d]
>    #2 /usr/sbin/smbd [0x8020250a]
>    #3 [0xb7f9a420]
>    #4 /lib/libc.so.6(abort+0x101) [0xb7af8801]
>    #5 /usr/sbin/smbd [0x8021c9f6]
>    #6 /usr/sbin/smbd(talloc_steal+0x3a) [0x8021cbca]
>    #7 /usr/sbin/smbd(lookup_sids+0x3aa) [0x801d3bca]
>    #8 /usr/sbin/smbd [0x80106dc1]
>    #9 /usr/sbin/smbd(_lsa_lookup_sids2+0x12d) [0x8010741d]
>    #10 /usr/sbin/smbd [0x80103621]
>    #11 /usr/sbin/smbd(api_rpcTNP+0x198) [0x80160ae8]
>    #12 /usr/sbin/smbd(api_pipe_request+0x19e) [0x8016113e]
>    #13 /usr/sbin/smbd [0x8015cbcf]
>    #14 /usr/sbin/smbd [0x8015d10c]
>    #15 /usr/sbin/smbd(write_to_pipe+0x6e) [0x8015b93e]
>    #16 /usr/sbin/smbd [0x8005ee81]
>    #17 /usr/sbin/smbd [0x8005f3b6]
>    #18 /usr/sbin/smbd(reply_trans+0x5e0) [0x8005fcc0]
>    #19 /usr/sbin/smbd [0x800b3d40]
>    #20 /usr/sbin/smbd(smbd_process+0x78b) [0x800b4e3b]
>    #21 /usr/sbin/smbd(main+0xbd0) [0x802bebf0]
>    #22 /lib/libc.so.6(__libc_start_main+0xdc) [0xb7ae3f9c]
>    #23 /usr/sbin/smbd [0x80042d91]
>  [2007/03/10 10
>   unable to change to /var/log/samba/cores/smbdrefusing to dump core
>
> P.S. I'm really new to SAMBA as a domain member server and I don't want to
> waste anyone's time with useless information. So, if there is more
> information or further debugging needed before I post let me know...
>
> Thanks in advance...
>

More information about the samba mailing list