[Samba] Samba File Server as Domain Member of Samba PDC

Daniel Müller mueller at tropenklinik.de
Fri Jan 28 04:33:20 MST 2011


Hi,
What about wins server = server1 server2?
I did not know this is working!?
What about the ldap-server settings in your member server's smb.conf?

        ldap admin dn = cn=xxxx,dc=xxxxx,dc=xxxx
        ldap suffix = dc=xxxx,dc=xxxxx
        ldap group suffix = ou=Groups
        ldap user suffix = ou=Users
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Users
        # the idmap backend below is your password server
        idmap backend = ldap:ldap://xxxxxxxxxxxxx
        idmap uid = 15000-20000
        idmap gid = 15000-20000

-----------------------------------------------
IT Daniel Müller

Head of IT
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Juan Asensio Sánchez
Sent: Friday, 28 January 2011 08:55
To: samba at lists.samba.org
Subject: [Samba] Samba File Server as Domain Member of Samba PDC

Hi

We have configured 2 PDC Samba (v3.0.33, sambapdc1 and sambapdc2)
servers using LDAP (389 DS v1.2.5) as their database backend. If I run
"net rpc user -UXXXX" from these servers I get all groups in LDAP.
These servers have been working fine for a long time.

Now I have configured a file server (not a logon server, sambafs1), as a
member of the domain served by those servers (this one with v3.3.8). I
have configured the LDAP client, so I can do "getent passwd" and
"getent group" and I see all objects from LDAP. Next, I have
configured Samba with this conf:

[global]
unix charset = LOCALE
workgroup = XXXXX.YYYYY
server string = Samba FS XXXXX.YYYYY - ZZZZZZZZZ

security = domain
encrypt passwords = yes
password server = sambapdc1 sambapdc2
wins server = sambapdc1 sambapdc2

syslog = 0
log level = 2
#log level = 20
log file = /var/log/samba/%m.trace
max log size = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# Share management options
add share command    = /bin/bash /opt/ldap/samba/smb_share_add.sh
change share command = /bin/bash /opt/ldap/samba/smb_share_add.sh
delete share command = /bin/bash /opt/ldap/samba/smb_share_del.sh

map acl inherit = Yes

Next, I have joined the Samba FS in the domain, using the command "net
rpc join -UXXXXXX", without any errors. Now, if I run "net rpc group
-S sambafs1 -UXXXXX", I get no groups. Is this normal? As Samba can't
see any groups, I cannot assign privileges using "net rpc rights
grant", so users can manage shares from Windows using the add, change
and delete share commands.

Thanks in advance. Regards,
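
The check the reply asks for, as an added example that is not part of the original thread or written by either poster: a small Python audit that parses a member server's smb.conf and reports which of the LDAP and idmap parameters listed in the reply are absent from [global], and whether the idmap ranges parse as low-high. The function names and both sample configurations are constructed for illustration; line continuations and include files are not handled.

```python
import re
# Parameter names exactly as listed in the reply on this page.
REPLY_PARAMS = ["ldap admin dn", "ldap suffix", "ldap group suffix",
                "ldap user suffix", "ldap machine suffix", "ldap idmap suffix",
                "idmap backend", "idmap uid", "idmap gid"]

def norm(name):
    """smb.conf ignores case and whitespace in section and parameter names."""
    return re.sub(r"\s+", "", name).lower()

def parse_smb_conf(text):
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in "#;":       # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(norm(line[1:-1]), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)   # split once: DNs contain '='
            current[norm(key)] = value.strip()
    return sections

def audit_member(text):
    """Report reply parameters absent from [global] and the parsed idmap ranges."""
    g = parse_smb_conf(text).get("global", {})
    report = {"missing": [p for p in REPLY_PARAMS if norm(p) not in g],
              "ranges": {}, "bad_ranges": []}
    for p in ("idmap uid", "idmap gid"):
        m = re.fullmatch(r"(\d+)\s*-\s*(\d+)", g.get(norm(p), ""))
        if m and int(m[1]) < int(m[2]):
            report["ranges"][p] = (int(m[1]), int(m[2]))
        elif norm(p) in g:                    # present but not a valid low-high
            report["bad_ranges"].append(p)
    return report

# Constructed samples: part of the question's [global], then the same plus the reply's lines.
POSTED = "[global]\nsecurity = domain\npassword server = sambapdc1 sambapdc2\n"
WITH_LDAP = POSTED + """ldap admin dn=cn=xxxx,dc=xxxxx,dc=xxxx
ldap suffix= dc=xxxx,dc=xxxxx
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
idmap backend=ldap:ldap://xxxxxxxxxxxxx
idmap uid=15000-20000
idmap gid=15000-20000
"""
if __name__ == "__main__":
    print(audit_member(POSTED), audit_member(WITH_LDAP), sep="\n")
```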