I'm really not looking forward to downgrading because of this but if
this persists much longer I'll have to. :-(
Platform: MDV LE 2005
Previous version was 3.0.9 I think. Whatever the default for Mdk 10.1
Official was.
samba-swat-3.0.14a-2mdk
samba-smbldap-tools-3.0.14a-2mdk
samba-doc-3.0.14a-2mdk
samba-client-3.0.14a-2mdk
samba-common-3.0.14a-2mdk
samba-vscan-clamav-3.0.14a-2mdk
samba-server-3.0.14a-2mdk
LDAP backend. Getent works and I have no trouble logging ldap users
into Linux. Commented out LDAP ACLs and that did not seem to help.
smbldap-tools seems to work fine. testparm returns no errors.
I've tried setting "valid users =" in the homes share to various
things
and no dice. This included commenting it out all together. The old
setting was "valid users = %S".
Tests show the following:
[root@enigma ~]# smbclient -L enigma
Password:
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]
Sharename Type Comment
--------- ---- -------
apps Disk Application Files
public Disk
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 3.0.14a)
ADMIN$ IPC IPC Service (Samba 3.0.14a)
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]
Server Comment
--------- -------
ENIGMA Samba 3.0.14a
MICROTRON
Workgroup Master
--------- -------
J9STARR ENIGMA
[root@enigma ~]#
OK, so as a user:
[njim@enigma njim]$ smbclient //enigma/njim
Password:
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.14a]
tree connect failed: NT_STATUS_ACCESS_DENIED
[njim@enigma njim]$
Note: CUPS isn't set up yet which I think explains the print errors.
Also the smbldap script paths still need adjusting in this version of my
smb.conf.
testparm output is:
# Global parameters
[global]
unix charset = LOCALE
workgroup = J9STARR
interfaces = eth0, lo
bind interfaces only = Yes
passdb backend = ldapsam:ldap://localhost
passwd program = /usr/bin/passwd '%u'
passwd chat debug = Yes
unix password sync = Yes
syslog = 0
log file = /var/log/samba/%m
max log size = 50
name resolve order = wins hosts bcast
time server = Yes
printcap name = CUPS
add user script = /usr/share/samba/scripts/smbldap-useradd.pl -a -m
'%u'
delete user script = /usr/share/samba/scripts/smbldap-userdel.pl '%u'
add group script = /usr/share/samba/scripts/smbldap-groupadd.pl -p '%g'
delete group script = /usr/share/samba/scripts/smbldap-groupdel.pl '%g'
add user to group script = /usr/share/samba/scripts/smbldap-groupmod.pl
-m '%u' '%g'
delete user from group script /usr/share/samba/scripts/smbldap-groupmod.pl -x
'%u' '%g'
set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl
-g '%g' '%u'
add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w
'%u'
logon script = logon.bat
logon path = \\%L\profiles\%U
logon drive = Z:
logon home = \\%L\%U\profiles
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap admin dn = cn=enigma.j9starr.net,ou=Hosts,dc=j9starr,dc=net
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=People
ldap suffix = dc=j9starr,dc=net
ldap ssl = no
ldap user suffix = ou=People
idmap backend = ldap:ldap://localhost
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = root, "@Domain Admins"
hosts allow = 192.168.2., 127.
hosts deny = ALL
map acl inherit = Yes
print command = lpr-cups -P %p -o raw %s -r
[apps]
comment = Application Files
path = /mnt/apps
read only = No
vfs objects = vscan-clamav
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon/%a
guest ok = Yes
browseable = No
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/%a/profiles
read only = No
profile acls = Yes
browseable = No
root preexec = PROFILE=/var/lib/samba/%a/profiles/%u; if [ ! -e
$PROFILE ]; then mkdir -pm700 $PROFILE; chown "%u"."%g"
$PROFILE; fi
root postexec = /bin/su -c "/usr/local/bin/dl
/var/lib/samba/%a/profiles/%u/Desktop/*[^.lnk]" "%u"
recycle:repository = ../../../../../home/%U/Desktop/Trash
recycle:noversions = *.doc|*.xls|*.ppt
recycle:excludedir = /tmp|/temp|/cache
recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
recycle:maxsize = 209715200
recycle:versions = Yes
recycle:touch = Yes
recycle:keeptree = Yes
[homes]
comment = Home Directories
valid users = %S
read only = No
hide special files = Yes
browseable = No
recycle:repository = ./Desktop/Trash
recycle:noversions = *.doc|*.xls|*.ppt
recycle:excludedir = /tmp|/temp|/cache
recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
recycle:maxsize = 0
recycle:versions = Yes
recycle:touch = Yes
recycle:keeptree = Yes
[public]
path = /home/storeage
read only = No
guest only = Yes
guest ok = Yes
recycle:repository = ./Trash
recycle:noversions = *.doc|*.xls|*.ppt
recycle:excludedir = /tmp|/temp|/cache
recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??
recycle:maxsize = 0
recycle:versions = Yes
recycle:touch = Yes
recycle:keeptree = Yes
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = "@Domain Admins"
guest ok = Yes
printable = Yes
use client driver = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
write list = root, "@Domain Admins"
guest ok = Yes