[Samba] Samba configuration issue

John H Terpstra - Samba Team jht at samba.org
Fri Jun 26 21:14:50 GMT 2009 

David Christensen wrote:
> John H Terpstra - Samba Team wrote:
>> John Drescher wrote:
>>> On Fri, Jun 26, 2009 at 4:00 PM, David
>>> Christensen<David.Christensen at viveli.com> wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> David Christensen wrote:
>>>>> John Drescher wrote:
>>>>>> On Fri, Jun 26, 2009 at 12:38 PM, David
>>>>>> Christensen<David.Christensen at viveli.com> wrote:
>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>> Hash: SHA1
>>>>>>>
>>>>>>> I configured samba to work with an FDS backend using a howto from the
>>>>>>> Fedora Directory Server site.  The howto had me create a Administrator
>>>>>>> user in LDAP with UID/GID of 0.  Now when anyone logs in as root and do
>>>>>>> a whoami it comes back as Administrator.  If I delete the Administrator
>>>>>>> user in LDAP samba will break, how do I get around this issue and still
>>>>>>> provide samba the access level it needs?
>>>>>>>
>>>>>> put files first in your /etc/nsswitch.conf
>>>>>> passwd:     files ldap
>>>>>> shadow:     files ldap
>>>>>> group:      files ldap
>>>>>> John
>>>>> Looks like that is the way my nsswitch.conf is already configured.
>>>>  I am attempting to use the username map attribute in smb.conf to map
>>>> root=Administrator but its not working, the Administrator account is
>>>> still squashing root, do I need to delete the Administrator account from
>>>> ldap or modify it in some way?
>>>>
>>> I do not know. I have user Administrator in my ldap but whoami shows root.
>> You possibly have a file /etc/samba/smbusers in which there is a mapping
>> as follows:
> 
>> root = administrator
> 
>> Tell me it's not true!
> 
>> - John T.
> 
>>> does root show up first on this command?
>>>
>>> getent passwd
>>>
>>>
>>>
>>> John
>  I do have /etc/samba/smbusers in which there is a mapping
> as follows:
> 
> root = administrator
> 
> However it was not specified in smb.conf until today, when I tried to
> "use" it.

OK, but what does testparm tell you about the default configuration for
your system?

	testparm -sv | grep username

If the parameter "username map" is not mapped to /etc/samba/smbusers,
the issue is isolated to the mappings of the "root" and "administrator"
accounts and their respective uid/gid.

- John T.

More information about the samba mailing list