samba - Dec 2001 - winbindd: local unix users vs. NTdomain users ........

Hi!

I use Samba 2.2.2 on Linux Red Hat 7.1.

My Samba server is NT domain member (security = domain),
and I use winbindd.

I detect some strange situation, as I look. See below.

For example, my NT domain is MYDOMAIN (PDC implemented
on NT4), and this domain have user myuser (MYDOMAIN+myuser 
as see him Samba&Winbindd).
Linux, which run Samba&winbindd, have local user myuser too.

Local unix user myuser have uid 542 and home 
directory /home/myuser.
Domain user MYDOMAIN+myuser have uid 10012 and 
template home directory /smbhome/MYDOMAIN/myuser.

Strange thing: after connect myuser into domain MYDOMAIN
from Windows2000 machine and connect into [homes] share
onto Samba server, this user get uid 10012 (as MYDOMAIN+myuser)
but his home directory is /home/myuser (as local unix user myuser).
But /home/myuser have owner uid 542, not 10012 !!!!!!!!!!!!!!!!!

I must run "chown -R MYDOMAIN+myuser /home/myuser" to 
provide for this user right access in his home directory.
I think, what it's very ugly situation.

Also, what will be, if myuser (see above) is enumered 
into "print admin" line of smb.conf: "print admin = myuser"?
How myuser will be to "admin" print$, if he is MYDOMAIN+myuser
(uid 10012) instead myuser (uid 542)?

I not found, how to make this situation rightly.

I think, what local user myuser must have more high
priority under NT domain user myuser (MYDOMAIN+myuser) 
in any time and in any shares.
Or have posible manually control order of selection 
doubled users.

Also:
I think what need have commands like "winbind add user script
(winbind delete user script)" which will run, when winbindd
detect adding(deleting) user from NTdomain. For creating
(deleting) template home directories, for example.
Now I must to create homedirs manually :(((

------
Valery Savchuk
volsk@mail.ru
svl@volskcement.ru

On Sat, 15 Dec 2001, Savchuk Valery wrote:
> I detect some strange situation, as I look. See below.
> 
> For example, my NT domain is MYDOMAIN (PDC implemented
> on NT4), and this domain have user myuser (MYDOMAIN+myuser 
> as see him Samba&Winbindd).
> Linux, which run Samba&winbindd, have local user myuser too.
> 
> Local unix user myuser have uid 542 and home 
> directory /home/myuser.
> Domain user MYDOMAIN+myuser have uid 10012 and 
> template home directory /smbhome/MYDOMAIN/myuser.
> 
> Strange thing: after connect myuser into domain MYDOMAIN
> from Windows2000 machine and connect into [homes] share
> onto Samba server, this user get uid 10012 (as MYDOMAIN+myuser)
> but his home directory is /home/myuser (as local unix user myuser).
> But /home/myuser have owner uid 542, not 10012 !!!!!!!!!!!!!!!!!
> 
> I must run "chown -R MYDOMAIN+myuser /home/myuser" to 
> provide for this user right access in his home directory.
> I think, what it's very ugly situation.
> 
> Also, what will be, if myuser (see above) is enumered 
> into "print admin" line of smb.conf: "print admin =
myuser"?
> How myuser will be to "admin" print$, if he is MYDOMAIN+myuser
> (uid 10012) instead myuser (uid 542)?
> 
> I not found, how to make this situation rightly.
> 
> I think, what local user myuser must have more high
> priority under NT domain user myuser (MYDOMAIN+myuser) 
> in any time and in any shares.
> Or have posible manually control order of selection 
> doubled users.
Do you actually NEED both sets of users.  If you have already
got an account on the local machine the you don't need winbind at all.
You need a simple awy to keep the NT accounts in sync with the Linux ones.

If you would prefer to use winbinf then ditch the lcoal users accounts.

If you have some strange reason for needing both then please explain it.
 
Yours Tony.

/*
 * "The significant problems we face cannot be solved at the 
 * same level of thinking we were at when we created them."
 * --Albert Einstein
 */

You should not be using double user-names in the first place. One of THE
advantages of eth Winbindd daemon is that you do NOT have to create all your
users locally...




Met vriendelijke groet,


Martijn Olivier Tigchelaar
Systems Management
KPN Services Online DATA

E-mail:	m.o.tigchelaar@kpn.com


Junior IT Consultant
Flex Information Technology

e-mail:	m.tigchelaar@flex-it.nl
> -----Original Message-----
> From:	Savchuk Valery [SMTP:volsk@mail.ru]
> Sent:	Saturday, December 15, 2001 8:38 PM
> To:	samba@samba.org
> Subject:	winbindd: local unix users vs. NTdomain users ........
> 
> Hi!
> 
> I use Samba 2.2.2 on Linux Red Hat 7.1.
> 
> My Samba server is NT domain member (security = domain),
> and I use winbindd.
> 
> I detect some strange situation, as I look. See below.
> 
> For example, my NT domain is MYDOMAIN (PDC implemented
> on NT4), and this domain have user myuser (MYDOMAIN+myuser 
> as see him Samba&Winbindd).
> Linux, which run Samba&winbindd, have local user myuser too.
> 
> Local unix user myuser have uid 542 and home 
> directory /home/myuser.
> Domain user MYDOMAIN+myuser have uid 10012 and 
> template home directory /smbhome/MYDOMAIN/myuser.
> 
> Strange thing: after connect myuser into domain MYDOMAIN
> from Windows2000 machine and connect into [homes] share
> onto Samba server, this user get uid 10012 (as MYDOMAIN+myuser)
> but his home directory is /home/myuser (as local unix user myuser).
> But /home/myuser have owner uid 542, not 10012 !!!!!!!!!!!!!!!!!
> 
> I must run "chown -R MYDOMAIN+myuser /home/myuser" to 
> provide for this user right access in his home directory.
> I think, what it's very ugly situation.
> 
> Also, what will be, if myuser (see above) is enumered 
> into "print admin" line of smb.conf: "print admin =
myuser"?
> How myuser will be to "admin" print$, if he is MYDOMAIN+myuser
> (uid 10012) instead myuser (uid 542)?
> 
> I not found, how to make this situation rightly.
> 
> I think, what local user myuser must have more high
> priority under NT domain user myuser (MYDOMAIN+myuser) 
> in any time and in any shares.
> Or have posible manually control order of selection 
> doubled users.
> 
> Also:
> I think what need have commands like "winbind add user script
> (winbind delete user script)" which will run, when winbindd
> detect adding(deleting) user from NTdomain. For creating
> (deleting) template home directories, for example.
> Now I must to create homedirs manually :(((
> 
> ------
> Valery Savchuk
> volsk@mail.ru
> svl@volskcement.ru
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

On Sat, 15 Dec 2001, Savchuk Valery wrote:
> Strange thing: after connect myuser into domain MYDOMAIN
> from Windows2000 machine and connect into [homes] share
> onto Samba server, this user get uid 10012 (as MYDOMAIN+myuser)
> but his home directory is /home/myuser (as local unix user myuser).
> But /home/myuser have owner uid 542, not 10012 !!!!!!!!!!!!!!!!!
Yes.  This would be a bug.  I've forwarded the information onto
Tim.  We'll get it fixed.







chau, jerry
 ---------------------------------------------------------------------
 Hewlett-Packard                                     http://www.hp.com
 SAMBA Team                                       http://www.samba.org
 --                                            http://www.plainjoe.org
 "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN
0-672-32269-2
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--