Looking for a poniter in the right direction My current configuration is NT4 PDC (Solaris PCnetlink) Samba Member server (Solaris 9 Samba ver 3.0.20b)for file and print sharing WinXp Pro Clients SP2 My problem is with the Domain Users. I am able to share out file systems to the XP clients from my Samba server OK. I am also able to modify the permissions for the files in the share in Solaris using the chmod, chgrp and chown. This seems to work OK. When I am on the WinXp client and I look at the security permissions tab on the folder properties that I own, I cannot see the NT4 Domain Users, all I see are the \\localmachine\user when what I want is the \\domain\user. When I try to add a domain user in the secrutiy properties page I see the domain and the list of users but when I select a user or group and select add it does not add it to the folder properties. I am new to Samba -- am I missing some simple configuration parameter or is this how it is suppose to work. alb-smb(test)# ./testparm /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf Processing section "[printers]" Processing section "[R]" Processing section "[logs]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = TESTDOM server string = %h - Samba Server %v security = DOMAIN password server = test-net log level = 4 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap dns proxy = No wins server = 10.0.0.1 [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [R] comment = R Drive path = /share/R public = yes writable = yes create mask = 0755 guest ok = Yes nt acl support = true [logs] comment = Testing logs path = /share/logs public = yes writable = yes create mask = 0755 guest ok = Yes
You will want to bring yourself up to speed on winbind I think. This is what I use to allow Domain membership accounts to be added to my Samba shares. Is your NT4 PDC a true Microsoft PDC machine? If so then winbind should work fine, but I noticed you had Solaris beside your NT4 PDC listing so if that is the case then I am not sure what you will need to do. If it is a Windows NT4 PDC though, winbind will solve all your problems. Cheers, Travis -----Original Message----- From: samba-bounces+tbullock=avmaxgrp.com@lists.samba.org [mailto:samba-bounces+tbullock=avmaxgrp.com@lists.samba.org] On Behalf Of jim_mosbey@dps.state.ny.us Sent: April 19, 2006 10:26 AM To: samba@lists.samba.org Subject: [Samba] W2K Domain Users in Samba Looking for a poniter in the right direction My current configuration is NT4 PDC (Solaris PCnetlink) Samba Member server (Solaris 9 Samba ver 3.0.20b)for file and print sharing WinXp Pro Clients SP2 My problem is with the Domain Users. I am able to share out file systems to the XP clients from my Samba server OK. I am also able to modify the permissions for the files in the share in Solaris using the chmod, chgrp and chown. This seems to work OK. When I am on the WinXp client and I look at the security permissions tab on the folder properties that I own, I cannot see the NT4 Domain Users, all I see are the \\localmachine\user when what I want is the \\domain\user. When I try to add a domain user in the secrutiy properties page I see the domain and the list of users but when I select a user or group and select add it does not add it to the folder properties. I am new to Samba -- am I missing some simple configuration parameter or is this how it is suppose to work. alb-smb(test)# ./testparm /etc/samba/smb.conf Load smb config files from /etc/samba/smb.conf Processing section "[printers]" Processing section "[R]" Processing section "[logs]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = TESTDOM server string = %h - Samba Server %v security = DOMAIN password server = test-net log level = 4 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap dns proxy = No wins server = 10.0.0.1 [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [R] comment = R Drive path = /share/R public = yes writable = yes create mask = 0755 guest ok = Yes nt acl support = true [logs] comment = Testing logs path = /share/logs public = yes writable = yes create mask = 0755 guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Jim, My comments are within your original post to the mailing list. -- +-------------------------------------------------+ | Sean Elble | | Virginia Tech | | Computer Engineering, Class of 2008 | | Vice President, VTLUUG | | E-Mail: elbles@sessys.com | +-------------------------------------------------+ On Wed, 19 Apr 2006, jim_mosbey@dps.state.ny.us wrote:> Looking for a poniter in the right direction > > My current configuration is > NT4 PDC (Solaris PCnetlink) > Samba Member server (Solaris 9 Samba ver 3.0.20b)for file and print > sharing > WinXp Pro Clients SP2 > > My problem is with the Domain Users. I am able to share out file systems > to the XP clients from my Samba server OK. I am also able to modify the > permissions for the files in the share in Solaris using the chmod, chgrp > and chown. This seems to work OK. When I am on the WinXp client and I look > at the security permissions tab on the folder properties that I own, I > cannot see the NT4 Domain Users, all I see are the \\localmachine\user > when what I want is the \\domain\user. When I try to add a domain user in > the secrutiy properties page I see the domain and the list of users but > when I select a user or group and select add it does not add it to the > folder properties. I am new to Samba -- am I missing some simple > configuration parameter or is this how it is suppose to work.My first question to you is how have you setup the users on this Solaris file server? For file sharing to work properly,I'd imagine you either are running Winbind for the user database on the server, OR you are using username mapping, with local users on the file server as well. If you are not, well, that is your problem right there. Samba needs to know which UNIX user owns the files, and has the various permissions: Knowing which user in the Windows domain would not do Samba any good, as it doesn't maintain a permissions database for files separate of the UNIX file permissions scheme (someone please correct me if I am wrong here). This is quite unlike Sun's PC Netlink, which, IIRC, is a product developed under a source code license from Microsoft, allowing for full Windows NT 4.0 PDC functionality from a Solaris server (versions were produced for other versions of UNIX as well). However, it maintains its own database for file permissions, and it does not require local UNIX users for every Windows user in the domain. As such, my recommendation would be to run Winbind on the file server, which will allow you to authenticate local UNIX users via the PC Netlink PDC, and allow you to do file permissions and other such things on the UNIX level quite easily. I cannot say for sure that this is where your problem lies, but I'd put some money on it (if I were not a poor college student, that is :-)).> > alb-smb(test)# ./testparm /etc/samba/smb.conf > Load smb config files from /etc/samba/smb.conf > Processing section "[printers]" > Processing section "[R]" > Processing section "[logs]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > Press enter to see a dump of your service definitions > > [global] > workgroup = TESTDOM > server string = %h - Samba Server %v > security = DOMAIN > password server = test-net > log level = 4 > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = /etc/printcap > dns proxy = No > wins server = 10.0.0.1 > > [printers] > comment = All Printers > path = /var/spool/samba > printable = Yes > browseable = No > > [R] > comment = R Drive > path = /share/R > public = yes > writable = yes > create mask = 0755 > guest ok = Yes > nt acl support = true > > [logs] > comment = Testing logs > path = /share/logs > public = yes > writable = yes > create mask = 0755 > guest ok = Yes > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >