Nolan Garrett
2003-Feb-24 18:48 UTC
[Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?
Hi all! First off, I'd like to thank you for the help you've previously
given me. I'd like to state a few of the problems I am now experiencing,
and you all can provide insight. I've read all the documentation I can find
and have surfed the archives for this newsgroup, but to no avail. Any help
would be greatly appreciated!
(I am using SAMBA 2.2.7)
Issue 1: If I don't have every user listed in the admin users = section that
I want to allow logon access, they cannot log on. I usually get a domain
unavailable error.
Issue 2: If I don't set up each user account (w/ domain) on the WinXP
machine I want to logon to, I get some kind of very, very limited logon. It
almost seems to be corrupted.
Issue 3: This is my main frustration - I cannot seem to block access to
other peoples shares! EG user chrisg can access the nolan share, etc.
Final Issue: Not a big problem, but I can't figure out how to set up the
CUPS drivers for the pdf-generator.
Is it a winbind problem, bad config, or am I just a moron?
Attached is my smb.conf
# Samba config file created using SWAT
# from gridlock.workgroup.net (192.168.0.5)
# Date: 2003/02/24 18:08:30
# Global parameters
[global]
netbios name = MAIN
server string = Samba Server %v
encrypt passwords = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password
* %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p
asswd: *all*authentication*tokens*updated*succesfully*
unix password sync = Yes
log level = 1
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU
F=8192 SO_SNDBUF=8192
printcap name = cups
domain admin group = @admins
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin
/false -M %u
logon script = %U.bat
logon path = \\main\profiles\%U
logon drive = Z:
logon home = \\main\%U\.profile
domain logons = Yes
os level = 99
domain master = Yes
dns proxy = No
wins support = Yes
winbind uid = 10000-20000
winbind gid = 10000-20000
; valid users = ahayes root danielleg chrisg rickg nolan
admin users = root nolan chrisg rickg danielleg alyssag
printer admin = nolan root
hosts allow = 192.168.0. 127.
; profile acls = Yes
printing = cups
[homes]
comment = Home Directory for %u
read only = No
create mask = 0660
directory mask = 0770
browseable = No
oplocks = No
level2 oplocks = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root nolan
[profiles]
path = /var/lib/samba/profiles
read only = No
create mask = 0600
directory mask = 0700
guest ok = Yes
browseable = No
csc policy = disable
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root nolan
guest ok = Yes
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /etc/samba/drivers
write list = root nolan
[pdf-generator]
comment = PDF Generator (only valid users!)
path = /var/tmp
printable = Yes
print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L
\\\\%u %m &
[public]
comment = Public
path = /home/samba/public
read only = No
guest ok = Yes
Nolan Garrett
2003-Feb-25 00:11 UTC
[Samba] Re: SAMBA PDC User Permissions, Admin Settings, and Logon?
Correct that - On Issue 2, I get no access at all. Nolan Nolan Garrett wrote:> Hi all! First off, I'd like to thank you for the help you've previously > given me. I'd like to state a few of the problems I am now experiencing, > and you all can provide insight. I've read all the documentation I can > find and have surfed the archives for this newsgroup, but to no avail. Any > help would be greatly appreciated! > > (I am using SAMBA 2.2.7) > > Issue 1: If I don't have every user listed in the admin users = section > that I want to allow logon access, they cannot log on. I usually get a > domain unavailable error. > > Issue 2: If I don't set up each user account (w/ domain) on the WinXP > machine I want to logon to, I get some kind of very, very limited logon. > It almost seems to be corrupted. > > Issue 3: This is my main frustration - I cannot seem to block access to > other peoples shares! EG user chrisg can access the nolan share, etc. > > Final Issue: Not a big problem, but I can't figure out how to set up the > CUPS drivers for the pdf-generator. > > Is it a winbind problem, bad config, or am I just a moron? > > Attached is my smb.conf > > # Samba config file created using SWAT > # from gridlock.workgroup.net (192.168.0.5) > # Date: 2003/02/24 18:08:30 > > # Global parameters > [global] > netbios name = MAIN > server string = Samba Server %v > encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password > * %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p > asswd: *all*authentication*tokens*updated*succesfully* > unix password sync = Yes > log level = 1 > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU > F=8192 SO_SNDBUF=8192 > printcap name = cups > domain admin group = @admins > add user script = /usr/sbin/useradd -d /dev/null -g machines -s > /bin > /false -M %u > logon script = %U.bat > logon path = \\main\profiles\%U > logon drive = Z: > logon home = \\main\%U\.profile > domain logons = Yes > os level = 99 > domain master = Yes > dns proxy = No > wins support = Yes > winbind uid = 10000-20000 > winbind gid = 10000-20000 > ; valid users = ahayes root danielleg chrisg rickg nolan > admin users = root nolan chrisg rickg danielleg alyssag > printer admin = nolan root > hosts allow = 192.168.0. 127. > ; profile acls = Yes > printing = cups > > [homes] > comment = Home Directory for %u > read only = No > create mask = 0660 > directory mask = 0770 > browseable = No > oplocks = No > level2 oplocks = No > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > write list = root nolan > > [profiles] > path = /var/lib/samba/profiles > read only = No > create mask = 0600 > directory mask = 0700 > guest ok = Yes > browseable = No > csc policy = disable > > [printers] > comment = All Printers > path = /var/spool/samba > printer admin = root nolan > guest ok = Yes > printable = Yes > browseable = No > > [print$] > comment = Printer Drivers > path = /etc/samba/drivers > write list = root nolan > > [pdf-generator] > comment = PDF Generator (only valid users!) > path = /var/tmp > printable = Yes > print command = /usr/share/samba/scripts/print-pdf %s ~%u > \\\\\\\\%L > \\\\%u %m & > > [public] > comment = Public > path = /home/samba/public > read only = No > guest ok = Yes > > >
Rob Savage
2003-Feb-25 06:30 UTC
[Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?
Hey Nolan, I can easily give you an answer to I3>Issue 3: This is my main frustration - I cannot seem to block access to >other peoples shares! EG user chrisg can access the nolan share, etc. > > >[homes] > comment = Home Directory for %u > read only = No > create mask = 0660 > directory mask = 0770 > browseable = No > oplocks = No > level2 oplocks = NoTry adding these: Valid users = %U Path = /home/%u Guest ok = No --- Have an excellent day, Rob Savage -----Original Message----- From: samba-bounces+samba1=shaw.ca@lists.samba.org [mailto:samba-bounces+samba1=shaw.ca@lists.samba.org]On Behalf Of Nolan Garrett Sent: February 24, 2003 11:49 AM To: samba@lists.samba.org Subject: [Samba] SAMBA PDC User Permissions, Admin Settings, and Logon? Hi all! First off, I'd like to thank you for the help you've previously given me. I'd like to state a few of the problems I am now experiencing, and you all can provide insight. I've read all the documentation I can find and have surfed the archives for this newsgroup, but to no avail. Any help would be greatly appreciated! (I am using SAMBA 2.2.7) Issue 1: If I don't have every user listed in the admin users = section that I want to allow logon access, they cannot log on. I usually get a domain unavailable error. Issue 2: If I don't set up each user account (w/ domain) on the WinXP machine I want to logon to, I get some kind of very, very limited logon. It almost seems to be corrupted. Issue 3: This is my main frustration - I cannot seem to block access to other peoples shares! EG user chrisg can access the nolan share, etc. Final Issue: Not a big problem, but I can't figure out how to set up the CUPS drivers for the pdf-generator. Is it a winbind problem, bad config, or am I just a moron? Attached is my smb.conf # Samba config file created using SWAT # from gridlock.workgroup.net (192.168.0.5) # Date: 2003/02/24 18:08:30 # Global parameters [global] netbios name = MAIN server string = Samba Server %v encrypt passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password * %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p asswd: *all*authentication*tokens*updated*succesfully* unix password sync = Yes log level = 1 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU F=8192 SO_SNDBUF=8192 printcap name = cups domain admin group = @admins add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin /false -M %u logon script = %U.bat logon path = \\main\profiles\%U logon drive = Z: logon home = \\main\%U\.profile domain logons = Yes os level = 99 domain master = Yes dns proxy = No wins support = Yes winbind uid = 10000-20000 winbind gid = 10000-20000 ; valid users = ahayes root danielleg chrisg rickg nolan admin users = root nolan chrisg rickg danielleg alyssag printer admin = nolan root hosts allow = 192.168.0. 127. ; profile acls = Yes printing = cups [homes] comment = Home Directory for %u read only = No create mask = 0660 directory mask = 0770 browseable = No oplocks = No level2 oplocks = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = root nolan [profiles] path = /var/lib/samba/profiles read only = No create mask = 0600 directory mask = 0700 guest ok = Yes browseable = No csc policy = disable [printers] comment = All Printers path = /var/spool/samba printer admin = root nolan guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /etc/samba/drivers write list = root nolan [pdf-generator] comment = PDF Generator (only valid users!) path = /var/tmp printable = Yes print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L \\\\%u %m & [public] comment = Public path = /home/samba/public read only = No guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
richard
2003-Feb-25 11:51 UTC
[Samba] SAMBA PDC User Permissions, Admin Settings, and Logon?
Hi, Don't know if this is relevant but I read somewhere that including below in [global] makes Samba do strange things? I believe this is a "share" parameter? If this helps please post your results. profile acls = Yes Richard. On Tue, 2003-02-25 at 04:48, Nolan Garrett wrote:> Hi all! First off, I'd like to thank you for the help you've previously > given me. I'd like to state a few of the problems I am now experiencing, > and you all can provide insight. I've read all the documentation I can find > and have surfed the archives for this newsgroup, but to no avail. Any help > would be greatly appreciated! > > (I am using SAMBA 2.2.7) > > Issue 1: If I don't have every user listed in the admin users = section that > I want to allow logon access, they cannot log on. I usually get a domain > unavailable error. > > Issue 2: If I don't set up each user account (w/ domain) on the WinXP > machine I want to logon to, I get some kind of very, very limited logon. It > almost seems to be corrupted. > > Issue 3: This is my main frustration - I cannot seem to block access to > other peoples shares! EG user chrisg can access the nolan share, etc. > > Final Issue: Not a big problem, but I can't figure out how to set up the > CUPS drivers for the pdf-generator. > > Is it a winbind problem, bad config, or am I just a moron? > > Attached is my smb.conf > > # Samba config file created using SWAT > # from gridlock.workgroup.net (192.168.0.5) > # Date: 2003/02/24 18:08:30 > > # Global parameters > [global] > netbios name = MAIN > server string = Samba Server %v > encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password > * %n\n *Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *p > asswd: *all*authentication*tokens*updated*succesfully* > unix password sync = Yes > log level = 1 > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBU > F=8192 SO_SNDBUF=8192 > printcap name = cups > domain admin group = @admins > add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin > /false -M %u > logon script = %U.bat > logon path = \\main\profiles\%U > logon drive = Z: > logon home = \\main\%U\.profile > domain logons = Yes > os level = 99 > domain master = Yes > dns proxy = No > wins support = Yes > winbind uid = 10000-20000 > winbind gid = 10000-20000 > ; valid users = ahayes root danielleg chrisg rickg nolan > admin users = root nolan chrisg rickg danielleg alyssag > printer admin = nolan root > hosts allow = 192.168.0. 127. > ; profile acls = Yes > printing = cups > > [homes] > comment = Home Directory for %u > read only = No > create mask = 0660 > directory mask = 0770 > browseable = No > oplocks = No > level2 oplocks = No > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > write list = root nolan > > [profiles] > path = /var/lib/samba/profiles > read only = No > create mask = 0600 > directory mask = 0700 > guest ok = Yes > browseable = No > csc policy = disable > > [printers] > comment = All Printers > path = /var/spool/samba > printer admin = root nolan > guest ok = Yes > printable = Yes > browseable = No > > [print$] > comment = Printer Drivers > path = /etc/samba/drivers > write list = root nolan > > [pdf-generator] > comment = PDF Generator (only valid users!) > path = /var/tmp > printable = Yes > print command = /usr/share/samba/scripts/print-pdf %s ~%u \\\\\\\\%L > \\\\%u %m & > > [public] > comment = Public > path = /home/samba/public > read only = No > guest ok = Yes > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba