[Samba] Samba4 creating share and setting permissions without windows tools
Rowland Penny
rowlandpenny at googlemail.com
Fri Aug 1 02:43:22 MDT 2014
On 01/08/14 00:24, Diego Llovet wrote:
> Marc, My server is a DC not a member server of a active directory, I
> don't know if there are different configurations for that. Anyway with
> this changes don't work
>
> I followed
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server too.
>
> When I do wbinfo -u and wbinfo -g show correctly the users/groups of
> domain, but getent only users/groups locally
>
> There is obviously something I'm not understanding
If you are not getting any domain users and you have updated
/etc/nsswitch.conf, then it is probable that you have put the winbind
links in the wrong place. Just what OS are you using for the samba4 server?
Rowland
>
>
> 2014-07-31 16:45 GMT-03:00 Rowland Penny <rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>>:
>
> On 31/07/14 20:26, Diego Llovet wrote:
>
> ok, but I have an empty /etc/nsswitch and windbind is stopped,
> according to wiki there is not necessary or at least not mentioned
>
> ________ smb.conf
> # Global parameters
> [global]
> workgroup = DOMAIN
> realm = DOMAIN.COM <http://DOMAIN.COM>
> <http://DOMAIN.COM>
>
> netbios name = PRUEBASDIEGO
> interfaces = lo, eth0
> bind interfaces only = Yes
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
>
> [netlogon]
> path =
> /usr/local/samba/var/locks/sysvol/domain.com/scripts
> <http://domain.com/scripts> <http://domain.com/scripts>
>
> read only = No
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
> [home]
> path = /home/homeUsers/
> read only = No
>
> [share]
> path = /home/share
> read only = no
> create mask = 0777
>
> [People]
> path = /home/people/
> read only = No
> ________
>
> Provisioned samba4
>
> samba-tool domain provision --use-rfc2307 --interactive
> --option="interfaces=lo eth0" --option="bind interfaces only=yes"
>
>
>
>
> 2014-07-31 14:56 GMT-03:00 Rowland Penny
> <rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>
> <mailto:rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>>>:
>
>
> On 31/07/14 18:47, Diego Llovet wrote:
>
> Hi,
> wbinfo -g return the groups that I created withh
> samba-toll
> group add IT
> getent group IT return nothing
>
>
> That is where your problem lies, you need to be able to run
> 'getent passwd' and have it return your users and 'getent
> group
> <groupname>' needs to return info about the group.
>
> Could you post your smb.conf, /etc/nsswitch and how you
> provisioned the samba4 server.
>
> Rowland
>
>
>
> 2014-07-31 13:18 GMT-03:00 Rowland Penny
> <rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>
> <mailto:rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>>
> <mailto:rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>
>
> <mailto:rowlandpenny at googlemail.com
> <mailto:rowlandpenny at googlemail.com>>>>:
>
>
> On 31/07/14 14:48, Diego Llovet wrote:
>
> Hello,
>
> I need a way to set permissions to share folder
> without to use
> RSAT, I've
> not found anything about that.
>
> The samba wiki said that
>
> ---------------------
> Change permissions on folders of a share
>
>
> Changes of permissions are done using the
> classic *nix
> tools
> 'chmod',
> 'chown' and 'chgrp'.
>
> Example:
>
> Code:
>
> # mkdir /srv/samba/Demo/Example/
> # chown foobar:DemoGroup /srv/samba/Demo/Example/
> # chmod 2770 /srv/samba/Demo/Example/
>
> -------------------
>
> I created a group DemoGroup with "samba-tool
> group add
> DemoGroup"
> Then, when I did
> Code:
>
> chown foobar:DemoGroup /srv/samba/Demo/Example/
>
> I got this error
> Code:
>
> chown: invalid group: "DemoGroup"
>
> What must I do to allow groups created by
> samba-tool works
> with chown??
>
> How can I do to assign permissions to a shared
> folder from
> command line
> using the power of samba4?
>
> Thank you in advance
>
> Hi, what does 'wbinfo -g' and 'getent group DemoGroup'
> return ?
>
> Rowland
>
> -- To unsubscribe from this list go to the
> following
> URL and read the
> instructions:
> https://lists.samba.org/mailman/options/samba
>
>
>
> -- To unsubscribe from this list go to the following
> URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
> I some how thought that was what you were going to say, it would
> seem that part of the samba dc howto wiki page has gone missing,
> or rather it has migrated totally to another page!!
>
>
> Make domain users/groups available locally through Winbind
>
> To have your domain users and groups available locally on your
> Member Server, you need to place two links in your /lib64 folder:
>
> # ln -s /usr/local/samba/lib/libnss_winbind.so /lib64
> # ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2
> # ldconfig
>
> *If you are running a 32-bit system ("uname -i" will return
> "i686"), you have to use /lib instead!*
>
> The final step of the configuration is to add 'winbind' to the
> 'passwd' and 'group' entry of your /etc/nsswitch.conf:
>
> passwd: compat winbind
> group: compat winbind
>
>
> HINT HINT Marc ;-)
>
> Do the above and see if this helps.
>
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list