[Samba] Samba configuration issue
David Christensen
David.Christensen at viveli.com
Fri Jun 26 21:29:33 GMT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John H Terpstra - Samba Team wrote:
> David Christensen wrote:
>> John H Terpstra - Samba Team wrote:
>>> John Drescher wrote:
>>>> On Fri, Jun 26, 2009 at 4:00 PM, David
>>>> Christensen<David.Christensen at viveli.com> wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>>
>>>>> David Christensen wrote:
>>>>>> John Drescher wrote:
>>>>>>> On Fri, Jun 26, 2009 at 12:38 PM, David
>>>>>>> Christensen<David.Christensen at viveli.com> wrote:
>>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>>> Hash: SHA1
>>>>>>>>
>>>>>>>> I configured samba to work with an FDS backend using a howto from the
>>>>>>>> Fedora Directory Server site. The howto had me create a Administrator
>>>>>>>> user in LDAP with UID/GID of 0. Now when anyone logs in as root and do
>>>>>>>> a whoami it comes back as Administrator. If I delete the Administrator
>>>>>>>> user in LDAP samba will break, how do I get around this issue and still
>>>>>>>> provide samba the access level it needs?
>>>>>>>>
>>>>>>> put files first in your /etc/nsswitch.conf
>>>>>>> passwd: files ldap
>>>>>>> shadow: files ldap
>>>>>>> group: files ldap
>>>>>>> John
>>>>>> Looks like that is the way my nsswitch.conf is already configured.
>>>>> I am attempting to use the username map attribute in smb.conf to map
>>>>> root=Administrator but its not working, the Administrator account is
>>>>> still squashing root, do I need to delete the Administrator account from
>>>>> ldap or modify it in some way?
>>>>>
>>>> I do not know. I have user Administrator in my ldap but whoami shows root.
>>> You possibly have a file /etc/samba/smbusers in which there is a mapping
>>> as follows:
>>> root = administrator
>>> Tell me it's not true!
>>> - John T.
>>>> does root show up first on this command?
>>>>
>>>> getent passwd
>>>>
>>>>
>>>>
>>>> John
>> I do have /etc/samba/smbusers in which there is a mapping
>> as follows:
>>
>> root = administrator
>>
>> However it was not specified in smb.conf until today, when I tried to
>> "use" it.
>
> OK, but what does testparm tell you about the default configuration for
> your system?
>
> testparm -sv | grep username
>
> If the parameter "username map" is not mapped to /etc/samba/smbusers,
> the issue is isolated to the mappings of the "root" and "administrator"
> accounts and their respective uid/gid.
>
> - John T.
"username map" is no longer mapped to /etc/samba/smbusers, I commented
it out so it looks like the issue is indeed isolated to the mappings of
the root and administrator accounts.
How do I permit the Administrator account the access level it needs
without squashing root on every box?
This is what I currently have:
[root at ldap2 profiles]# getent passwd | grep :0:0
root:x:0:0:root:/root:/bin/bash
Administrator:x:0:0:Samba Admin:/root:/bin/bash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkpFPbwACgkQ5B+8XEnAvquzcgCdGC8GWBpC1Masc6GTVPmT/i4F
A6kAoJVQhhFdogK7jIS8ukUiibbw9UsS
=Rpnw
-----END PGP SIGNATURE-----
More information about the samba
mailing list