-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I configured samba to work with an FDS backend using a howto from the Fedora Directory Server site. The howto had me create a Administrator user in LDAP with UID/GID of 0. Now when anyone logs in as root and do a whoami it comes back as Administrator. If I delete the Administrator user in LDAP samba will break, how do I get around this issue and still provide samba the access level it needs? Thanks. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpE+ZUACgkQ5B+8XEnAvqvTrACdFsgyjYCn41fUze7PqxLqq19e zbcAn2SfFNNg8iHIDZlXGzATSmdLFl7I =47ZI -----END PGP SIGNATURE-----
On Fri, Jun 26, 2009 at 12:38 PM, David Christensen<David.Christensen@viveli.com> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I configured samba to work with an FDS backend using a howto from the > Fedora Directory Server site. ?The howto had me create a Administrator > user in LDAP with UID/GID of 0. ?Now when anyone logs in as root and do > a whoami it comes back as Administrator. ?If I delete the Administrator > user in LDAP samba will break, how do I get around this issue and still > provide samba the access level it needs? >put files first in your /etc/nsswitch.conf passwd: files ldap shadow: files ldap group: files ldap John
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John Drescher wrote:> On Fri, Jun 26, 2009 at 12:38 PM, David > Christensen<David.Christensen@viveli.com> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> I configured samba to work with an FDS backend using a howto from the >> Fedora Directory Server site. The howto had me create a Administrator >> user in LDAP with UID/GID of 0. Now when anyone logs in as root and do >> a whoami it comes back as Administrator. If I delete the Administrator >> user in LDAP samba will break, how do I get around this issue and still >> provide samba the access level it needs? >> > > put files first in your /etc/nsswitch.conf > > passwd: files ldap > shadow: files ldap > group: files ldap > > JohnLooks like that is the way my nsswitch.conf is already configured. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpE/dEACgkQ5B+8XEnAvqvFSACfZL0/coLUrLl0XDcZIbqjzH8M gbUAnjo7vzikF0/c5BA0BfWQMa22hKBt =KrzM -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Christensen wrote:> John Drescher wrote: >> On Fri, Jun 26, 2009 at 12:38 PM, David >> Christensen<David.Christensen@viveli.com> wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> I configured samba to work with an FDS backend using a howto from the >>> Fedora Directory Server site. The howto had me create a Administrator >>> user in LDAP with UID/GID of 0. Now when anyone logs in as root and do >>> a whoami it comes back as Administrator. If I delete the Administrator >>> user in LDAP samba will break, how do I get around this issue and still >>> provide samba the access level it needs? >>> >> put files first in your /etc/nsswitch.conf > >> passwd: files ldap >> shadow: files ldap >> group: files ldap > >> John > > Looks like that is the way my nsswitch.conf is already configured.I am attempting to use the username map attribute in smb.conf to map root=Administrator but its not working, the Administrator account is still squashing root, do I need to delete the Administrator account from ldap or modify it in some way? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpFKPsACgkQ5B+8XEnAvqvamQCeKJVNFcwBEvsjS8HVayR31Y+D 6mUAn0gc3Bnsv2Xt5rZ3d8q2U2mJv+SX =sZZ8 -----END PGP SIGNATURE-----
On Fri, Jun 26, 2009 at 4:00 PM, David Christensen<David.Christensen@viveli.com> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > David Christensen wrote: >> John Drescher wrote: >>> On Fri, Jun 26, 2009 at 12:38 PM, David >>> Christensen<David.Christensen@viveli.com> wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> I configured samba to work with an FDS backend using a howto from the >>>> Fedora Directory Server site. ?The howto had me create a Administrator >>>> user in LDAP with UID/GID of 0. ?Now when anyone logs in as root and do >>>> a whoami it comes back as Administrator. ?If I delete the Administrator >>>> user in LDAP samba will break, how do I get around this issue and still >>>> provide samba the access level it needs? >>>> >>> put files first in your /etc/nsswitch.conf >> >>> passwd: ? ? files ldap >>> shadow: ? ? files ldap >>> group: ? ? ?files ldap >> >>> John >> >> Looks like that is the way my nsswitch.conf is already configured. > > ?I am attempting to use the username map attribute in smb.conf to map > root=Administrator but its not working, the Administrator account is > still squashing root, do I need to delete the Administrator account from > ldap or modify it in some way? >I do not know. I have user Administrator in my ldap but whoami shows root. does root show up first on this command? getent passwd John
On Fri, Jun 26, 2009 at 4:31 PM, John Drescher<drescherjm@gmail.com> wrote:> On Fri, Jun 26, 2009 at 4:00 PM, David > Christensen<David.Christensen@viveli.com> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> David Christensen wrote: >>> John Drescher wrote: >>>> On Fri, Jun 26, 2009 at 12:38 PM, David >>>> Christensen<David.Christensen@viveli.com> wrote: >>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>> Hash: SHA1 >>>>> >>>>> I configured samba to work with an FDS backend using a howto from the >>>>> Fedora Directory Server site. ?The howto had me create a Administrator >>>>> user in LDAP with UID/GID of 0. ?Now when anyone logs in as root and do >>>>> a whoami it comes back as Administrator. ?If I delete the Administrator >>>>> user in LDAP samba will break, how do I get around this issue and still >>>>> provide samba the access level it needs? >>>>> >>>> put files first in your /etc/nsswitch.conf >>> >>>> passwd: ? ? files ldap >>>> shadow: ? ? files ldap >>>> group: ? ? ?files ldap >>> >>>> John >>> >>> Looks like that is the way my nsswitch.conf is already configured. >> >> ?I am attempting to use the username map attribute in smb.conf to map >> root=Administrator but its not working, the Administrator account is >> still squashing root, do I need to delete the Administrator account from >> ldap or modify it in some way? >> > I do not know. I have user Administrator in my ldap but whoami shows root. > > > does root show up first on this command? > > getent passwd > >Actually I have: sysserv0 ~ # getent passwd | grep x:0: root:x:0:0:root:/root:/bin/bash Administrator:x:0:512:Netbios Domain Administrator:/home/Administrator:/bin/false root:x:0:0:Administrative Account,,,,:/root:/bin/bash John
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John Drescher wrote:> On Fri, Jun 26, 2009 at 4:31 PM, John Drescher<drescherjm@gmail.com> wrote: >> On Fri, Jun 26, 2009 at 4:00 PM, David >> Christensen<David.Christensen@viveli.com> wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> David Christensen wrote: >>>> John Drescher wrote: >>>>> On Fri, Jun 26, 2009 at 12:38 PM, David >>>>> Christensen<David.Christensen@viveli.com> wrote: >>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>> Hash: SHA1 >>>>>> >>>>>> I configured samba to work with an FDS backend using a howto from the >>>>>> Fedora Directory Server site. The howto had me create a Administrator >>>>>> user in LDAP with UID/GID of 0. Now when anyone logs in as root and do >>>>>> a whoami it comes back as Administrator. If I delete the Administrator >>>>>> user in LDAP samba will break, how do I get around this issue and still >>>>>> provide samba the access level it needs? >>>>>> >>>>> put files first in your /etc/nsswitch.conf >>>>> passwd: files ldap >>>>> shadow: files ldap >>>>> group: files ldap >>>>> John >>>> Looks like that is the way my nsswitch.conf is already configured. >>> I am attempting to use the username map attribute in smb.conf to map >>> root=Administrator but its not working, the Administrator account is >>> still squashing root, do I need to delete the Administrator account from >>> ldap or modify it in some way? >>> >> I do not know. I have user Administrator in my ldap but whoami shows root. >> >> >> does root show up first on this command? >> >> getent passwd >> >> > Actually I have: > > sysserv0 ~ # getent passwd | grep x:0: > root:x:0:0:root:/root:/bin/bash > Administrator:x:0:512:Netbios Domain > Administrator:/home/Administrator:/bin/false > root:x:0:0:Administrative Account,,,,:/root:/bin/bash > > > JohnRoot does show up first, this is what I have [root@ldap2 ~]# getent passwd | grep :0:0 root:x:0:0:root:/root:/bin/bash Administrator:*:0:0:Samba Admin:/root:/bin/bash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkpFNY4ACgkQ5B+8XEnAvquc1QCdH4O1kKSup5/nQWDgt3uW9fzL SPsAn3x/O/P/fAw3QVQZBo6x1z85B3eR =O80R -----END PGP SIGNATURE-----