[Samba] Unable to set up home share correctly

Rowland Penny rpenny at samba.org
Thu Oct 13 13:09:16 UTC 2016 

On Thu, 13 Oct 2016 14:48:57 +0200
Udo Willke via samba <samba at lists.samba.org> wrote:

> Hello Rowland,
> 
> thank you for your swift reply. I made the modifications you
> suggested, which unfortunately did not better the situation. No
> change as to the "Creator Owner" rights and the Administrator account
> still shown as locked. Also, I couldn't spot any suspicious messages
> in the Samba logfiles besides maybe
> 
> get_referred_path: |profiles| in dfs path 
> \fileserver.mydomain.lan\profiles is not a dfs root.
> get_referred_path: |home| in dfs path \fileserver.mydomain.lan\home
> is not a dfs root.
> 
> My test users have uidNumbers und gidNumbers defined. I found this
> nifty command to list them
> 
> root at fileserver:/var/log/samba# net ads search 
> '(|(uidNumber=*)(gidNumber=*))' sAMAccountName uidNumber gidNumber -P
> Got 15 replies
> 
> sAMAccountName: Enterprise Read-Only Domain Controllers
> gidNumber: 10005
> 
> sAMAccountName: Administrator
> uidNumber: 10000
> gidNumber: 10000
> 
> sAMAccountName: Enterprise Admins
> gidNumber: 10004
> 
> sAMAccountName: workgroup-1
> gidNumber: 10010
> 
> sAMAccountName: Users
> gidNumber: 10008
> 
> sAMAccountName: DnsAdmins
> gidNumber: 10006
> 
> sAMAccountName: kbudwi
> uidNumber: 10002
> gidNumber: 10001
> 
> sAMAccountName: kbmamu
> uidNumber: 10004
> gidNumber: 10001
> 
> sAMAccountName: Guest
> uidNumber: 10001
> gidNumber: 10000
> 
> sAMAccountName: Schema Admins
> gidNumber: 10003
> 
> sAMAccountName: Administrators
> gidNumber: 10007
> 
> sAMAccountName: Domain Admins
> gidNumber: 10000
> 
> sAMAccountName: Domain Users
> gidNumber: 10001
> 
> uidNumber: 10003
> gidNumber: 10001
> sAMAccountName: kbanre
> 
> sAMAccountName: Domain Guests
> gidNumber: 10002
> 
> I can list those users and groups on the member server using "getent 
> passwd" and "getent group".

Can I suggest you remove uid/gidNumber attributes from:

Enterprise Read-Only Domain Controllers
Administrator
Enterprise Admins
Users
DnsAdmins
Guest
Schema Admins
Administrators
Domain Guests

They will be mapped as required by '*' in smb.conf
You have also made 'Administrator' a normal Unix user by giving it a
uidNumber.

Rowland

More information about the samba mailing list