[Samba] DM 3.6.25 -> 4.x

Stefan G. Weichinger lists at xunil.at
Wed May 30 14:03:30 UTC 2018 

Am 2018-05-30 um 15:56 schrieb Rowland Penny via samba:

> If the last two lines are actually in your smb.conf on disk and you
> want use the 'rid' backend, then set the something like this will work:
> 
>  	idmap config DOMAIN : range =310000-40000
>  	idmap config DOMAIN : backend = rid
> 
>>
>> the two lines
>>
>>  idmap uid =
>>  idmap gid =
>>
>> should be removed, I assume
> 
> I would love to see how you remove them ;-)
> I would image that the smb.conf fragment is from a very long smb.conf
> 'testparm -v' means print every line in smb.conf including all the
> defaults. Can I suggest you just run 'cat /etc/samba/smb.conf'


sure ;-)

We see that it is old ("SWAT", date) and ugly ...


# cat /etc/samba/smb.conf
# Samba config file created using SWAT
# from UNKNOWN (192.168.100.66)
# Date: 2012/07/23 14:38:02

[global]
	unix charset = iso8859-15

	security = ads
	realm = CUSTOMER.INTRA
	#password server = 192.168.100.32
	workgroup = CUSTOMER
	idmap uid = 10000 - 20000
	idmap gid = 10000 - 20000
	winbind enum users = yes
	winbind enum groups = yes
	winbind cache time = 10
	winbind use default domain = yes
	template homedir = /mnt/MSA2040/smb/Homes/%D/%U
	template shell = /bin/false
	client use spnego = yes
	client ntlmv2 auth = yes
	encrypt passwords = yes
	restrict anonymous = 2
	domain master = no
	local master = no
	preferred master = no
	os level = 0	
	invalid users = root bin daemon adm sync shutdown halt mail news uucp
	obey pam restrictions = yes
	#debug level = 5

	netbios name = U1CUSTOMER
	netbios aliases = samba
	server string = U1CUSTOMER
	interfaces = 192.168.100.4/24
	bind interfaces only = Yes
	map to guest = Bad User
	name resolve order = wins lmhosts hosts bcast
	wins support = Yes
#	idmap config * : range =
#	idmap config * : backend = tdb
	force unknown acl user = Yes
	hosts allow = 10.98.1., 10.0.8., 192.168.1., 192.168.90., 192.168.101,
192.168.100.5, 192.168.100.11, 192.168.100.13, 192.168.100.30,
192.168.100.31, 192.168.100.32, 192.168.100.33, 192.168.100.34,
192.168.100.35, 192.168.100.36, 192.168.100.37, 192.168.100.38,
192.168.100.39, 192.168.100.50, 192.168.100.51, 192.168.100.52,
192.168.100.53, 192.168.100.54, 192.168.100.55, 192.168.100.56,
192.168.100.57, 192.168.100.58, 192.168.100.59, 192.168.100.60,
192.168.100.61, 192.168.100.62, 192.168.100.63, 192.168.100.64,
192.168.100.65, 192.168.100.66, 192.168.100.67, 192.168.100.68,
192.168.100.69, 192.168.100.70, 192.168.100.71, 192.168.100.72,
192.168.100.73, 192.168.100.74, 192.168.100.75, 192.168.100.76,
192.168.100.77, 192.168.100.78, 192.168.100.79, 192.168.100.80,
192.168.100.81, 192.168.100.82, 192.168.100.83, 192.168.100.84,
192.168.100.85, 192.168.100.86, 192.168.100.87, 192.168.100.88,
192.168.100.89, 192.168.100.90, 192.168.100.91, 192.168.100.92,
192.168.100.93, 192.168.100.94, 192.168.100.95, 192.168.100.96,
192.168.100.97, 192.168.100.98, 192.168.100.99, 192.168.100.100,
192.168.100.101, 192.168.100.102, 192.168.100.103, 192.168.100.104,
192.168.100.105, 192.168.100.106, 192.168.100.107, 192.168.100.108,
192.168.100.109, 192.168.100.110, 192.168.100.111, 192.168.100.112,
192.168.100.113, 192.168.100.114, 192.168.100.115, 192.168.100.116,
192.168.100.117, 192.168.100.118, 192.168.100.119, 192.168.100.120,
192.168.100.121, 192.168.100.122, 192.168.100.123, 192.168.100.124,
192.168.100.125, 192.168.100.126, 192.168.100.127, 192.168.100.128,
192.168.100.129, 192.168.100.130, 192.168.100.131, 192.168.100.132,
192.168.100.133, 192.168.100.134, 192.168.100.135, 192.168.100.136,
192.168.100.137, 192.168.100.138, 192.168.100.139, 192.168.100.140,
192.168.100.141, 192.168.100.142, 192.168.100.143, 192.168.100.144,
192.168.100.145, 192.168.100.146, 192.168.100.147, 192.168.100.148,
192.168.100.149, 192.168.100.200, 192.168.100.203, 192.168.100.204
	nt acl support = No
	unix extensions = no
	follow symlinks= yes
	wide links= yes

##########################################
## changes since 2016-02-11 ##############
##########################################
# log level = 2
	load printers = no
	printcap name = /dev/null
# Audit settings
	vfs objects = full_audit
	full_audit:prefix = %u|%I|%S
	full_audit:failure = connect
#full_audit:success = connect disconnect opendir mkdir rmdir closedir
open close read pread write pwrite sendfile rename unlink chmod fchmod
chown fchown chdir ftruncate lock symlink readlink link mknod realpath
	full_audit:success = mkdir rmdir write pwrite rename unlink chmod
fchmod chown fchown ftruncate
	full_audit:facility = local5
	full_audit:priority = notice

More information about the samba mailing list