[Samba] winbind bug?
Rowland Penny
rowlandpenny at googlemail.com
Thu Mar 27 12:29:39 MDT 2014
On 27/03/14 18:25, Doug Tucker wrote:
> [root at lylesmb1 samba]# getent passwd tuckerd
> tuckerd:vpEMa0kDPwsvM:4011:500:Doug Tucker:/users4/enoc/tuckerd:/bin/bash
>
> [root at lylesmb1 samba]# getent passwd jghorbanian
> jghorbanian:pgPJ8tAYoZaFo:11333:450:Jafar
> Ghorbanian:/users5/megrad/jghorbanian:/bin/bash
>
> [root at lylesmb1 samba]# id tuckerd
> uid=4011(tuckerd) gid=500(seasadm) groups=500(seasadm)
>
> [root at lylesmb1 samba]# id jghorbanian
> uid=11333(jghorbanian) gid=450(cmegrad) groups=450(cmegrad)
>
>
> tuckerd works
> jghorbanian does not work...on windows 7...works on windows XP...note
> his unix ID# > 11000...i changed his unix id to 3308 and then he
> worked just fine.
>
> Sincerely,
>
> Doug Tucker
>
> On 03/27/2014 01:12 PM, Chan Min Wai wrote:
>> did getent passwd username
>>
>> or id username show something strange?
>>
>>
>>
>> On Fri, Mar 28, 2014 at 2:08 AM, Doug Tucker <tuckerd at lyle.smu.edu
>> <mailto:tuckerd at lyle.smu.edu>> wrote:
>>
>> On 03/27/2014 12:51 PM, Chan Min Wai wrote:
>>
>> Hi Doung,
>>
>> Quote you statement "configuration and held the unix uid's,
>> etc..that this would tell samba to look to AD for those values
>> (which concerns me to put that in and break all the existing
>> users) and we certainly do not have that in our AD here"
>>
>> If your AD users don't have unix uid , home dir, shell...
>>
>> It gets this from unix. We merely pass the login credentials to
>> AD for authentication. Then we map to the unix side for unix uid,
>> home dir. This directive maps the unix users to a corresponding
>> AD user:
>>
>> # Unix users can map to different SMB User names
>> username map = /etc/samba/domain_user.map
>>
>>
>>
>> If you don't have unix uid, winbind will not read this users...
>>
>> All users are being read by winbind, even the ones that are
>> failing..those with unix ID > 11000. I can show you the logs on a
>> failed user. They pass authentication. Their unix id is correct.
>> Samba presents then their home directory, and then suddenly drops
>> to "access denied".
>>
>> Not to throw confusion in it as I am trying to get some focus on
>> this fact that unix ID > 11000 fails on windows 7..but, if I
>> change the home directory permissions on the unix side from 700
>> (standard) to 777...the user that *was* failing can then map the
>> directory, and when they write files, it is written with the
>> correct permissions.
>>
>>
>>
>>
>>
>>
>
Just one thought, do you have any local users on the linux machines ???
Rowland
More information about the samba
mailing list