Re: [Samba] Samba 3.0.23b Available for Download

Wed, 09 Aug 2006 10:08:17 -0700 

Hi






>Is it possible to make this work again with 3.0.23b?
>(I know that the zero uid and gid range might be
>brain damaged, but with this settings it works fine on
>both sides)


This should still work.  Although you should be able
to simply not define the idmap uid/gid range at all.  But
you will need to run winbindd. Not that you will need
to fully qualify all domain users and groups in smb.conf
still.


I tried it again with winbind running and the idmap section commented out
In the smb.conf file we have no reference for certain groups/users
See below


Did you update the libnss_winbind.so as part of your
upgrade ?


yes

Just for clarification..
We have all users in both databases (nis  and AD)
with the same Username.
The unix system with the samba server only uses NIS (no nss/pam winbind).
as nameservice for users and groups.
With 3.0.21b and the setting below,
the owner of a file on the unix filesystem (USER1)
shows up in the windows security automatically as
DOM\USER1
Now with 3.0.23b is shown as the SID-RID String
The SID ist the SID of the Samba Server, the RID is 2 * uid + 1000
which is not the sid of the domainuser but the mapped SID of winbind...
Therfore the Security dialog cant resolve it.


Why do I need libnss_winbind.so?

Thank you

Hansjerg






[global]
       workgroup = DOM
       realm = REALM
       netbios name = ftpserver
       server string = RM-FTP-Server
       interfaces = 127.0.0.1, eth0
       bind interfaces only = Yes
       security = ADS
       password server = XXX
       username map = /etc/samba/smbusers
       log level = 1
       syslog = 0
       log file = /var/log/samba/log.%m
          os level = 25
       preferred master = No
       local master = No
       domain master = No
       dns proxy = No
       wins server = XXX
       utmp = Yes
       #idmap uid = 10000-10000
       #idmap gid = 10000-10000
       winbind use default domain = Yes
       winbind trusted domains only = Yes
       create mask = 0664
       directory mask = 0775
       hide dot files = No
       map archive = No
       dont descend = lost+found
       load printers= no
       printing = bsd
       printcap name = /dev/null


[ftp]
       path = /home_local/ftp
       comment = FTP-Share
       browseable = yes
       writeable = yes
       force create mode = 0664






cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to