[Samba] user access to samba files

TAKAHASHI Motonobu monyo at monyo.com
Mon Nov 14 16:31:36 MST 2011


From: Lutz Kittler <l.kittler at sse-erfurt.de>
Date: Mon, 14 Nov 2011 13:17:28 +0100

> we use samba 3.5.6 on debian stable. Linux machines
> SAMBA1 , SAMBA2 and SAMBA3 joined to W2K3 domain W2K3-DOM
> by "net rpc join" and handle linux users with nis ( YP ).
> 
> On all samba machines smb.conf includes:
> 
> 	idmap domains = W2K3-DOM
>     idmap backend = tdb
>     idmap uid = 1000000-1999999
>     idmap gid = 1000000-1999999
> 
>     idmap config W2K3-DOM : backend  = nss
>     idmap config W2K3-DOM : range = 10000-999999
>     winbind enum users = Yes
>     winbind enum groups = Yes
> 
> But now we have troubles to access files on some samba pc.
> For instance  user1 has group software on nis and W2K3.

(snip)

> How and where can I change the behaviour on SAMBA2 and SAMBA3 so that
> yp users have access by there username ?

If you once enabled Winbind, all group membership that Samba
recognizes must be managed on Winbind or Windows. Unix-based group
membership (including yp, /etc/group and etc...) is ignored.

---
TAKAHASHI Motonobu <monyo at samba.gr.jp>


More information about the samba mailing list