[Samba] Newbie : bad uid in the smbpasswd file ?
garydale at rogers.com
Tue Dec 28 12:29:28 MST 2010
On 28/12/10 06:44 AM, Francois Lafont wrote:
> Hello everybody,
> I don't understand why the uid isn't correct in the /etc/samba/smbpasswd
> file. My OS is Ubuntu 10.04. Some precise explanations below:
> # smbd -V
> Version 3.4.7
> # testparm -s /etc/samba/smb.conf
> Load smb config files from /etc/samba/smb.conf
> rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
> Processing section "[PARTAGE]"
> Loaded services file OK.
> Server role: ROLE_STANDALONE
> workgroup = MON-DOMAINE
> netbios name = SAMBA-SRV
> server string = ""
> map to guest = Bad User
> passdb backend = smbpasswd
> guest account = francois
> lanman auth = Yes
> log level = 1
> max log size = 10
> wins support = Yes
> comment = Pour faire des tests
> path = /resteDisque1/dossier
> read only = No
> guest ok = Yes
> # service smbd restart
> smbd start/running, process 6638
> # service nmbd restart
> nmbd start/running, process 6650
> # cat /etc/samba/smbpasswd # no output, the file is empty
> # pdbedit -L # no result, no samba user
> # smbpasswd -a francois # I create the user francois
> New SMB password:
> Retype new SMB password:
> Added user francois.
> # cat /etc/samba/smbpasswd # In this file, the uid is 0, like root ?!
> # pdbedit -L # With this command, the uid is 1000 ?!
> # cat /etc/passwd | grep francois # 1000 is the *real* uid of francois
> The real uid of francois is 1000. Why is the uid equal to 0 in the
> smbpasswd file ?
> Thanks in advance for your help.
Bonjour Francois. One question is why are you using smbpasswd instead of
tdb for the backend?
I suggest that you remove (purge) your samba implementation and
reinstall it with the defaults. Next use swat to configure things.
You need to consider the role the server plays, I highly recommend that
you make it a domain controller unless you already have one. If you have
a domain controller then join the server to the domain. If you don't
have a domain controller, then use your samba server as domain controller.
Once you have your server's role established, add and enable the
accounts using swat.
If this is a workstation that you are simply trying to share a folder
from, then consider whether that is really a good idea. Sharing files
exposes your machine unnecessarily. It is far better to set up a server
with a shared folder.
You can get all kinds of network storage devices quite cheaply that will
do the job. Or you can use an old computer and set it up as domain
controller/file server. You can even share printers, scanners, etc. from it.
However, if you must use a workstation to share files, then use swat to
configure it as a standalone or domain member server with whatever
access rights you want. However, I strongly advise against using your
account to provide guest access. Set up a real guest account that has no
login rights (e.g. set the login shell to /bin/false).
More information about the samba