-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John H Terpstra - Samba Team wrote: > David Christensen wrote: >> John H Terpstra - Samba Team wrote: >>> John Drescher wrote: >>>> On Fri, Jun 26, 2009 at 4:00 PM, David >>>> Christensen<[email protected]> wrote: >>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>> Hash: SHA1 >>>>> >>>>> David Christensen wrote: >>>>>> John Drescher wrote: >>>>>>> On Fri, Jun 26, 2009 at 12:38 PM, David >>>>>>> Christensen<[email protected]> wrote: >>>>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>>>> Hash: SHA1 >>>>>>>> >>>>>>>> I configured samba to work with an FDS backend using a howto from the >>>>>>>> Fedora Directory Server site. The howto had me create a Administrator >>>>>>>> user in LDAP with UID/GID of 0. Now when anyone logs in as root and do >>>>>>>> a whoami it comes back as Administrator. If I delete the Administrator >>>>>>>> user in LDAP samba will break, how do I get around this issue and still >>>>>>>> provide samba the access level it needs? >>>>>>>> >>>>>>> put files first in your /etc/nsswitch.conf >>>>>>> passwd: files ldap >>>>>>> shadow: files ldap >>>>>>> group: files ldap >>>>>>> John >>>>>> Looks like that is the way my nsswitch.conf is already configured. >>>>> I am attempting to use the username map attribute in smb.conf to map >>>>> root=Administrator but its not working, the Administrator account is >>>>> still squashing root, do I need to delete the Administrator account from >>>>> ldap or modify it in some way? >>>>> >>>> I do not know. I have user Administrator in my ldap but whoami shows root. >>> You possibly have a file /etc/samba/smbusers in which there is a mapping >>> as follows: >>> root = administrator >>> Tell me it's not true! >>> - John T. >>>> does root show up first on this command? >>>> >>>> getent passwd >>>> >>>> >>>> >>>> John >> I do have /etc/samba/smbusers in which there is a mapping >> as follows: >> >> root = administrator >> >> However it was not specified in smb.conf until today, when I tried to >> "use" it. > > OK, but what does testparm tell you about the default configuration for > your system? > > testparm -sv | grep username > > If the parameter "username map" is not mapped to /etc/samba/smbusers, > the issue is isolated to the mappings of the "root" and "administrator" > accounts and their respective uid/gid. > > - John T.
"username map" is no longer mapped to /etc/samba/smbusers, I commented it out so it looks like the issue is indeed isolated to the mappings of the root and administrator accounts. How do I permit the Administrator account the access level it needs without squashing root on every box? This is what I currently have: [r...@ldap2 profiles]# getent passwd | grep :0:0 root:x:0:0:root:/root:/bin/bash Administrator:x:0:0:Samba Admin:/root:/bin/bash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpFPbwACgkQ5B+8XEnAvquzcgCdGC8GWBpC1Masc6GTVPmT/i4F A6kAoJVQhhFdogK7jIS8ukUiibbw9UsS =Rpnw -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
