[Samba] Permission issue writing to demo share

Lars Hanke debian at lhanke.de
Fri Jun 27 14:03:10 MDT 2014

>>> Well not really, the only member of the Administrators group is
>>> 'Administrator' and somehow when winbind is not used 'Administrator'
>>> gets mapped to 3000000. The cure ? setup winbind in nsswitch.conf and
>>> use ACL's
>>> You are going to have to do this for your unix users and it will make it
>>> easier if you also give your users uidNumber's
>> Alright, since I do not want ordinary user to log in to my credential
>> vault, I'll delegate file service to a member machine.
> Never does this, but I am fairly sure that you can use PAM to stop users
> logging into the server.
>> Is there any trouble to expect with samba 3.6.6 (except for the DNS
>> issue) as the file server?
> Well, the only problem is that the 3.6 series will reach EOL sometime
> this year, I think that you are using debian wheezy, so what about 4.1.7
> from backports ?

PAM is terrible. You always got it wrong, even if everything ran cleanly 
for years. ;)

Well backports tend to pull in more and more through time. I use it for 
the DC, where it's utterly required. I actually would not want it for 
simple clients, which merely need winbind and eventually mount some share.

The file server question is more complex. I'd really like to have my 
Synology NAS do all the gory stuff. But it runs 3.6.6. Don't know 
whether Synology plans to update DSM. The NFSv4 support is even worse.

  - lars.

More information about the samba mailing list