hi, as far i know username map is no longer valid for samba 3 (you can use admin users = root, Administrator)
but the behavior has changed in total, so you have to use group and user mapping.
read the faqs samba 3 as domain member server
may help
Regards
Celeste Suliin Burris schrieb:
I have been using the "username map" parameter for some time on various versions of Samba 2, and it has worked nicely. Last week I upgraded to Samba 3 and integrated with Active Directory. Since I am using Solaris 8, and "nsswitch.conf" doesn't support winbindd, I am using the "add user script" parameter to add users. What is happening is that users in the "username map" are getting added, even though their names were previously resolving correctly. Everything else works pretty well, so I'm not sure what is going on. Help would be appreciated.
My "smb.conf" file follows -
# Global parameters
[global]
workgroup = tacoma
netbios name = GEOBASE1
server string = TEDD Sun Server
interfaces = 131.191.215.40/255.255.255.0
# security = DOMAIN
security = ads
realm = TACOMA.LCL
encrypt passwords = Yes
min passwd length = 8
password server = *
name resolve order = host wins
deadtime = 30
preferred master = False
local master = No
domain master = False
wins server = 131.191.129.31
winbind cache time = 36000
printer admin = @printadm
create mask = 0775
nt acl support = yes
template shell = /bin/false
template homedir = /export/home/geobase1/%U
username map = /usr/local/samba/lib/users.map
invalid users = smsadmin1
# separate domain and username with "/", like DOMAIN/username
winbind separator = /
# use UIDs from 10000 to 20000 for domain users
idmap uid = 10000-20000
idmap gid = 10000-20000
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
# Allow Samba to add accounts for new users
winbind enable local accounts = yes
add user script = /usr/sbin/useradd -g nobody -d /tmp -s /bin/false -m %u
delete user script = /usr/sbin/userdel %u
print command = /usr/bin/lp -d%p -o nobanner -Traw -s %s -c; rm %s
veto oplock files = /*.nit/*.dat/*.dir/*.adf/
[printers] path = /var/spool/smbprint printable = true guest ok = true
[print$] comment = Windows Printer Drivers path = /usr/local/samba/printdrv write list = csburris, @printadm guest ok = Yes
[2kprint] comment = Windows NT4 Printer Drivers path = /usr/local/samba/drivers/2kprint write list = @printadm guest ok = Yes
[tedplot3] comment = TEDD HP Designjet 1055cm path = /var/spool/smbprint create mask = 0700 guest ok = Yes printable = Yes printer name = tedplot3
[teddlbls] comment = 9th Flr Epson 2170 - Labels Only path = /var/spool/smbprint create mask = 0700 guest ok = Yes printable = Yes printer name = teddlbls
[pdgmtrn1] comment = TEDD HP 4m near NGY's desk path = /var/spool/smbprint create mask = 0700 guest ok = Yes printable = Yes printer name = pdgmtrn1_2
[pdsuis1] comment = DataProducts Printer in equipment room path = /var/spool/smbprint create mask = 0700 guest ok = Yes printable = Yes printer name = pdsuis1
[pdshpplt] comment = TEDD HP Designjet 755cm in equipment room path = /var/spool/smbprint create mask = 0700 guest ok = Yes printable = Yes printer name = PDS_HPPlt_2
[gisinstl] comment = ESRI Install Point path = /gis_install/gisinstl browseable = No write list = @sysadmin
[homes]
comment = Home Directories
read only = No
create mask = 0755
browseable = No
veto files = /ADMIN.DLL/LOAD.EXE/MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[pdsshare]
comment = TEDD Production Data
path = /pdsshare
read only = No
create mask = 0775
guest ok = Yes
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[pdsstaff]
comment = TEDD Only Nonshared
path = /pdsstaff
write list = @staff @pweng
create mask = 0755
read only = No
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[teddplan]
comment = TEDD Staff-Only Share
path = /teddplan/teddplan
write list = @staff @planners
create mask = 0755
read only = No
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[orthopho]
comment = Niess Orthophotos
path = /orthopho
write list = @sysadmin
guest ok = Yes
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[business]
comment = Business Analyst
path = /business/business
write list = @bizanal
guest ok = Yes
veto files = /*.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[esri]
comment = Arc Info Libraries and License Files
path = /esri
valid users = @staff
create mask = 0755
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
browseable = No
[pierce] comment = Pierce County Parcel Library path = /pcounty/bonanza/libs read only = Yes guest ok = Yes
[pub] comment = TEDD World Share path = /pub/pub read only = No create mask = 0777 guest ok = Yes
[syswork] comment = system administration path = /syswork valid users = @sysadmin read only = No browseable = No
[images]
comment = TEDD Graphics Repository Share
path = /images/images
write list = @images
read only = No
create mask = 0775
guest ok = Yes
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[mrsidwrk]
comment = TEDD mrsid compression area
path = /mrsid/mrsidwrk
write list = @staff
create mask = 0755
read only = No
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/ADMIN.DLL/LOAD.EXE/ MMC.EXE/README.EXE/MEP*.TMP.EXE/SIRCAM.SYS
[arcviewt]
comment = Arcview Tutorial
path = /esri/arcviewtut
read only = No
guest ok = Yes
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
[intranetdev]
comment = TEDD Intranet Pages
path = /intranetdev/webintern
write list = @webintrn
read only = No
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
[webintrn]
comment = Web Intern Work Area
path = /intranetdev/webintern
write list = @sysadmin @webintrn
read only = No
veto files = /.AppleDouble/TheVolumeSettingsFolder/TheFindByContentFolder/Icon\r/ *~?.???/*:*/Network Trash Folder/resource.frk/.AppleDesktop/DesktopFolderDB/
[arc] comment = GIS Project ARC/Info applications and data path = /gisfs1/gis/arc write list = ptang sroberts guest ok = Yes
[arcexe71] comment = Arc/INFO 7.1 Executables path = /gisfs1/arcexe71 guest ok = Yes
[gis_maps] comment = GIS Project maps - Autocad format path = /gisfs1/gis/maps write list = @gisprcl read only = No guest ok = Yes
- end smb.conf
Celeste Suliin Burris Systems Administrator Tacoma Economic Development Department Email - [EMAIL PROTECTED]
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
