[Samba] samba 4, openldap and an public folder

Sat Jan 9 01:05:39 UTC 2016

Hi,
Forget about this... I found the issue: I don't know how to type correctly
a password (keymap different in windows and my cygwin session). I will stop
work in IT, buy a farm and raise goats instead...
Sorry world! ;)

2016-01-08 13:47 GMT-05:00 Romain Pelissier <romain.pelissier at gmail.com>:

> Hi,
> I have tried and spend some times to find the answer myself but it
> couldn't find anything that could solve my issue, so I hope someone could
> help me with this, and I am sure this could benefit to other samba users
> also.
> OK, here is the story:
> I currently use samba (smbd -V: Version 4.2.4-6.3-3503-SUSE-SLE_12-x86_64)
> I have a server where samba is installed and another one where openldap is
> running (on a opensuse 42.1). It works as a workgroup and wins server.
> Everything works find. Now my goal is to add a public folder where
> everybody on the network (even people that do not have an account on the
> openldap server) could use.
> Unfortunalty, it seems that I could have a public folder where no
> authentication is required, a users/profiles folder where authenticated
> users are redirected to there user's home folder but not both at the same
> time using the configuration below:
>
> (note that I have added manually the "Public" section, other part of the
> config have mostly been created by yast at installation time, I have only
> tweak some settings)
>
> [global]
>         workgroup = DOMAIN.LAN
>         passdb backend = ldapsam:ldap://server01.domain.lan
>         printing = cups
>         printcap name = cups
>         printcap cache time = 750
>         cups options = raw
>         map to guest = Bad User
>         logon path = \\%L\profiles\.msprofile
>         logon home = \\%L\%U\.9xprofile
>         logon drive = P:
>         usershare allow guests = No
>         add machine script = /sbin/yast
> /usr/share/YaST2/data/add_machine.rb %m$
>         domain logons = No
>         domain master = No
>         idmap backend = ldap:ldap://server01.domain.lan
>         ldap admin dn = cn=Administrator,dc=domain,dc=lan
>         ldap group suffix = ou=group
>         ldap idmap suffix = ou=Idmap
>         ldap machine suffix = ou=Machines
>         ldap passwd sync = Yes
>         ldap suffix = dc=domain,dc=lan
>         ldap user suffix = ou=people
>         netbios name = DOMAIN
>         security = user
>         wins support = Yes
>         log level = 3
>         guest account = pcguest
>         interfaces = 192.170.1.8
>         name resolve order = wins bcast host lmhosts
> [homes]
>         comment = Home Directories
>         valid users = %S, %D%w%S
>         browseable = No
>         read only = No
>         inherit acls = Yes
>         hide dot files = yes
> [profiles]
>         comment = Network Profiles Service
>         path = %H
>         read only = No
>         store dos attributes = Yes
>         create mask = 0600
>         directory mask = 0700
> [users]
>         comment = All users
>         path = /home
>         read only = No
>         inherit acls = Yes
>         veto files = /aquota.user/groups/shares/
>         hide dot files = yes
> [groups]
>         comment = All groups
>         path = /home/groups
>         read only = No
>         inherit acls = Yes
> [printers]
>         comment = All Printers
>         path = /var/tmp
>         printable = Yes
>         create mask = 0600
>         browseable = No
> [print$]
>         comment = Printer Drivers
>         path = /var/lib/samba/drivers
>         write list = @ntadmin root
>         force group = ntadmin
>         create mask = 0664
>         directory mask = 0775
>
>
> [Public]
>         comment = Dossier public
>         writeable = yes
>         path = /public
>         guest ok = Yes
>         create mask = 0770
>         directory mask = 2770
>         read only = No
>
> Can you help?
> Any idea and advice will be greatly appreciated :)
>
> Thanks!
>