PS>> Here's the result of 'testparm -s'...
PS>>
PS>> Load smb config files from /etc/samba/smb.conf
PS>> Processing section "[IsrAlgorithmData]"
PS>> Loaded services file OK.
PS>> WARNING: You have some share names that are longer than 12 characters.
PS>> These may not be accessible to some older clients.
PS>> (Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
PS>> Server role: ROLE_DOMAIN_MEMBER
PS>> [global]
PS>> workgroup = TOYON
PS>> server string = Samba Server Version %v
PS>> interfaces = lo, eth1
PS>> security = DOMAIN
PS>> username map = /etc/samba/DomainToLocalMapping.txt
PS>> log file = /var/log/samba/log.%m
PS>> max log size = 50
PS>> idmap domains = TOYON
PS>> idmap alloc backend = tdb
PS>> idmap alloc config:range = 5000-9999
PS>> idmap config TOYON:range = 10000-300000000
PS>> idmap config TOYON:readonly = yes
PS>> idmap config TOYON:backend = ad
PS>> hosts allow = 127., 172.16.1., 172.17.0., 172.21.0., 192.168.120.,
PS>> 192.168.110.
PS>>
PS>> [IsrAlgorithmData]
PS>> comment = ISR Algorithm Data
PS>> path = /media/bigdisk
PS>> valid users = +users
PS>> read only = No
PS>> create mask = 0770
PS>> force create mode = 060
PS>> directory mask = 0770
PS>> force directory mode = 060
PS>> guest ok = Yes
PS>>
PS>>
PS>> Am I "missing an idmap configuration option that maps
PS>> the other windows domain controller that is providing
PS>> the account information (login name/password) to a
PS>> local 'home' directory."
CW = Craig White
CW> nope but configuration surely is a problem.
CW>
CW> security = DOMAIN
CW>
CW> that's for a Windows NT type of DOMAIN not Active
CW> Directory. You should be security = ADS but I'm
CW> guessing that you are trying to skirt the issues
CW> of kerberos and keytabs, etc. but that ain't
CW> gonna work.
CW>
CW> You really need to read through the samba
CW> documentation to get you there...
CW>
CW> http://samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm
Thanks will do. I even own a copy of
http://oreilly.com/catalog/9780596007690/index.html
CW> should probably be enough to get you through it.
CW>
CW> I gather that you haven't the ability to get a user
CW> list...
CW> 'getent passwd'
CW> or a group list...
CW> 'getent group'
Both of these work with my present setup.
CW> that includes the Windows AD users and groups
CW> and until that happens, samba doesn't have a chance.
The share works fine prior to the core dump. All of the Windows users
can access the share and modify it just like I want them to be able to.
My only problem is the occasional winbindd core dump. In addition the
machine seems to reboot not to long after the core dump and I simply
cannot figure out why.
CW> you will probably also need to ensure that
CW> nsswitch.conf ultimately includes winbindd
CW> for 'passwd' and 'group' and /etc/ldap.conf
CW> for the rest of the attributes but definitely
CW> the samba documentation above should get you
CW> started on the right path.
I'll give it a look. Thanks again for your time,
Pete
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
