[Samba] Share access problem

Sebastien.Boulianne at cpu.ca Sebastien.Boulianne at cpu.ca
Wed Aug 16 19:36:57 UTC 2017


Hi Rowland and everyone,

Thanks a lot of for your answer!
I really appreciate it!

I modified all my config with your suggests BUT it still don't work.

I can ONLY list my local users with getent passwd, getent group... Why ?
https://pastebin.com/22DAQqc6

Thanks in advance.

Sébastien
[Samba] Share access problem.
Rowland Penny rpenny at samba.org <mailto:samba%40lists.samba.org?Subject=Re%3A%20%5BSamba%5D%20Share%20access%20problem.&In-Reply-To=%3C20170811203103.23525de2%40devstation.samdom.example.com%3E>
Fri Aug 11 19:31:03 UTC 2017

 *   Previous message (by thread): [Samba] Share access problem.<https://lists.samba.org/archive/samba/2017-August/210239.html>
 *   Next message (by thread): [Samba] (no subject)<https://lists.samba.org/archive/samba/2017-August/210143.html>
 *   Messages sorted by: [ date ]<https://lists.samba.org/archive/samba/2017-August/date.html#210243> [ thread ]<https://lists.samba.org/archive/samba/2017-August/thread.html#210243> [ subject ]<https://lists.samba.org/archive/samba/2017-August/subject.html#210243> [ author ]<https://lists.samba.org/archive/samba/2017-August/author.html#210243>

________________________________

On Fri, 11 Aug 2017 14:59:36 -0400

<Sebastien.Boulianne at cpu.ca<https://lists.samba.org/mailman/listinfo/samba>> wrote:



> Hi,

>

> I checked my config this week.

> I did some changes.

>

> I can now list the share FTPFiles but I cant view the files.

> What can be wrong ?

>

> # krb5.conf

> https://pastebin.com/gDhMnM4B

>

> # nsswitch.conf

> https://pastebin.com/HEk1LwJg

>

> # smb.conf

> https://pastebin.com/f5hqStFk

>

> # log.winbindd

> https://pastebin.com/nxv13gd9

>



OK, I would change /etc/krb5.conf to just this:



[libdefaults]

    default_realm = DOMAIN.QC.CA

    dns_lookup_realm = false

    dns_lookup_kdc = true



In /etc/nsswitch.conf change:



passwd:         files winbind systemd sss

group:          files winbind systemd sss

shadow:         files systemd sss



To:



passwd:         files winbind

group:          files winbind

shadow:         files



Change:



hosts:          files docker [NOTFOUND=return] gw_name mdns4_minimal

[NOTFOUND=return] resolve [!UNAVAIL=return] dns myhostname mymachines



To:



hosts:          files dns



Change:



protocols:      db files winbind

services:       db files winbind sss



To:



protocols:      db files

services:       db files



Change:



netgroup:       nis files winbind sss



To:



netgroup:       nis



I would remove all these lines from smb.conf:



        logon drive = H:

        max xmit = 32768

        min receivefile size = 2048

        map to guest = Bad User

        obey pam restrictions = Yes

        pam password change = Yes

        passdb backend = smbpasswd

        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully*.

        passwd program = /usr/bin/passwd %u

        password server = domainmaster2.domain.qc.ca domainmaster1.domain.qc.ca

        restrict anonymous = 1

        unix password sync = Yes

        deadtime = 15

        idmap gid = 10000-20000

        winbind cache time = 30

        winbind enum groups = Yes

        winbind enum users = Yes

        dns proxy = No

        wins server = 10.20.1.64

        aio read size = 2048

        aio write size = 2048

        use sendfile = Yes

        write cache size = 1024000



I would change this line:



        idmap config * : range = 10000-20000



To:



        idmap config * : range = 3000-7999



I would add:



    idmap config DOMAIN : backend = rid

    idmap config DOMAIN : range = 10000-999999

    template shell = /bin/bash

    template homedir = /home/%U



    vfs objects = acl_xattr

    map acl inherit = Yes

    store dos attributes = Yes



With these changes it should work, but it is your computer, so the

choice is yours, use winbind or sssd for authentication, you cannot use

both.



Rowland



________________________________

 *   Previous message (by thread): [Samba] Share access problem.<https://lists.samba.org/archive/samba/2017-August/210239.html>
 *   Next message (by thread): [Samba] (no subject)<https://lists.samba.org/archive/samba/2017-August/210143.html>
 *   Messages sorted by: [ date ]<https://lists.samba.org/archive/samba/2017-August/date.html#210243> [ thread ]<https://lists.samba.org/archive/samba/2017-August/thread.html#210243> [ subject ]<https://lists.samba.org/archive/samba/2017-August/subject.html#210243> [ author ]<https://lists.samba.org/archive/samba/2017-August/author.html#210243>

________________________________
More information about the samba mailing list<https://lists.samba.org/mailman/listinfo/samba>



More information about the samba mailing list