[Samba] centos 6.5 sernet-samba 4.1.6 member server winbind idmap fail
Lorenzo Faleschini
lorenzo.faleschini at nordestsystems.com
Thu Apr 10 12:09:30 MDT 2014
When I go into the share permissions and security tab in compmgmt.msc
I see Administrator with a red X on it (as if it was disabled, but it's
not in ADUC).
I created another account (otheradmin) with UNIX Attributes, added to
Domain Admins (and set this as primary UNIX group)
with this user seems that I can manage shares correctly (and get rid of
Everyone's permissions)
there's a strange behaviour for administrator user
Il 10/04/2014 19:21, Rowland Penny ha scritto:
>> eg: getent group "MY\\Domain Admins" - works
>> getent group - doesn't show anything
>>
>
> You have a problem somewhere, getent should display all users, local
> and domain. There seems to be bug in getent (or is a feature) when it
> comes to groups, you must use 'getent group <domain group name>'
getent -V returns 2.12
anyway
getent passwd returns system users + domain users (that have UID set)
getent group returns only system groups
getent group "MY\\Domain Admins" returns
domain admins:x:10000:otheradmin,administrator
getent group "MY\\Domain Users" returns
domain users:x:10001:
(the users are not listed in the "Domain Users" group by default?
because is the everyone's default group?)
>> Now my problem is that if I try to setup share permissions I can
>> manage the share only if I leave "Full Control" to "Everyone".. and
>> this is quite useless.
>>
> Where are the shares stored, on the Samba DC or or on the fileserver ?
shares are on fileserver (I've checked the behaviour of Administrator
user also on the DC and the red X is always there)
>
> Rowland
thanks for your time Rowland
Lorenzo Faleschini
IT Manager @ Nord Est Systems srl
----------------------------------------
m: +39 335 6055225 | skype: falegalizeit
More information about the samba
mailing list