
I have setup linux as a member server (fedora 1), it authenticates against
a w2k AD server and runs winbind. I modified the login pam file
so can login to the linux box with my windows account. After login
I see my windows "home" directory that is mounted from a windows 
w2k fileserver.

All described above works fine the only problem I have that I don't see
the owner/group of the files from the mounted windows filesystem. everything
belongs to root and I can't write in my own home directory.

I mount the windows share this way:

smbmount //vryXXXX/f$ /mnt/nt_user_share -o username=admin_XXXX,rw

My problem: I don't want to see root but the windows file owners
on the smb mount!

Last login: Fri Dec  5 09:06:50 on pts/3
-bash-2.05b$ ls -la
total 16
drwxr-xr-x    1 root     root         4096 Oct 16 11:27 .
drwxr-xr-x    1 root     root         4096 Dec  5 08:53 ..
dr-xr-xr-x    1 root     root         4096 Dec  3 08:22 my documents
drwxr-xr-x    1 root     root         4096 Dec  2 08:48 outlook
-bash-2.05b$ touch bla
touch: cannot touch `bla': Permission denied

But localy it works!

-bash-2.05b$ ls -lad /bla
drwxrwxrwx    2 root     root         4096 Dec  5 09:33 /bla
-bash-2.05b$ cd /bla
-bash-2.05b$ touch blie
-bash-2.05b$ ls -la
total 8
drwxrwxrwx    2 root     root         4096 Dec  5 09:34 .
drwxr-xr-x   22 root     root         4096 Dec  5 09:31 ..
-rw-r--r--    1 EUROPE+vryXXXX EUROPE+Domain Users        0 Dec  5 09:34



workgroup = EUROPE
winbind separator = +
idmap uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /mnt/nt_user_share/users/%U
template shell = /bin/bash
nt acl support = Yes

security = ADS
encrypt passwords = yes


auth       required     pam_winbind.so
auth       required     pam_stack.so service=system-auth
account    required     pam_winbind.so
account    required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth


auth       required     pam_securetty.so
auth       sufficient   pam_winbind.so
auth       sufficient   pam_unix.so use_first_pass
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    sufficient   pam_winbind.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so

part of </etc/nsswitch.conf>

passwd:     files winbind
shadow:     files
group:      files winbind


 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

 ticket_lifetime = 24000
 default_realm = EUROPE.XXXX.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false

  kdc = XXXX.XXXX.com:88
  admin_server = XXXX.XXXX.com:749
  default_domain = XXXX.XXXX.com

 .europe.ad.flextronics.com = EUROPE.XXXX.COM
 europe.ad.flextronics.com = EUROPE.XXXX.COM

 profile = /var/kerberos/krb5kdc/kdc.conf

 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false


I run samba version:  3.0.0-15



Jan-Andre Schonekerl
Systems administrator

Spurkterweg 81
5804 AP Venray
the Netherlands

+31 (0)478 557171 Main
+31 (0)478 521777 Direct
+31 (0)478 557188 Fax
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to