Hi list,

I have been struggling with a winbind/idmap problem for some time and still have no clue what is going wrong. I already asked on this list, but maybe my previous description was imprecise, so I want to start a new attempt.

My problem is as follows: uid/gid information is stored in /etc/passwd and /etc/group locally on my Samba server; passwords are stored in Active Directory. In order to let winbind fetch uid/gid information from local files I put the following in my smb.conf:

    idmap config MYREALM: backend = nss
    idmap config MYREALM: range = 100-100000

and the following in /etc/nsswitch.conf:

    passwd:     files winbind
    shadow:     files
    group:      files winbind

Connecting to my Samba server with the AD password works, and idmapping seems to work partly. Here's some info from the logs:

    karmic (::ffff:192.168.0.9) connect to service testshare initially as user testuser (uid=60000, gid=200) (pid 21642)

--> uid and gid match the data from passwd, which is what I want.

    [2011/02/01 16:01:26,  3] smbd/password.c:register_existing_vuid(299)
      register_existing_vuid: UNIX uid 60000 is UNIX user testuser, and will be vuid 100

--> uid 60000 is still correct - what about vuid 100?

    [2011/02/01 16:01:20,  3] lib/privileges.c:get_privileges(63)
      get_privileges: No privileges assigned to SID [ xxxxxx ]

--> no privileges assigned seems wrong ...

The actual problem is the following: there are different users (from one unix group) who should write to this share, and they should be able to delete files which are written by other users from the same group, which is not working right now. Although owner:group is correct for files created via Samba, deleting files from other users fails although file permissions are set correctly.

Ideas anybody?

Regards,
Marius
2011/2/2 marius klausen <mariusklausen at gmx.net>:
> My problem is as follows: uid/gid information is stored in /etc/passwd and /etc/group locally on my Samba server; passwords are stored in Active Directory. In order to let winbind fetch uid/gid information from local files I put the following in my smb.conf:
>
> idmap config MYREALM: backend = nss
> idmap config MYREALM: range = 100-100000
>
> and the following in /etc/nsswitch.conf:
>
> passwd:     files winbind
> shadow:     files
> group:      files winbind
>
> Connecting to my Samba server with the AD password works, and idmapping seems to work partly. Here's some info from the logs:
>
> [2011/02/01 16:01:26,  3] smbd/password.c:register_existing_vuid(299)
>   register_existing_vuid: UNIX uid 60000 is UNIX user testuser, and will be vuid 100
>
> --> uid 60000 is still correct - what about vuid 100?

vuid is an internal ID. You do not need to care about it.

> [2011/02/01 16:01:20,  3] lib/privileges.c:get_privileges(63)
>   get_privileges: No privileges assigned to SID [ xxxxxx ]
>
> --> no privileges assigned seems wrong ...

No, this message simply says that a user has no (extra) user rights.

> The actual problem is the following: there are different users (from one unix group) who should write to this share, and they should be able to delete files which are written by other users from the same group, which is not working right now. Although owner:group is correct for files created via Samba, deleting files from other users fails although file permissions are set correctly.
>
> Ideas anybody?

Make different users belong to the same Windows group and map the group to a UNIX group.

---
TAKAHASHI Motonobu <monyo at monyo.com>
Hi Takahashi,

thank you for your swift reply.

> > The actual problem is the following: there are different users (from one
> > unix group) who should write to this share, and they should be able to
> > delete files which are written by other users from the same group, which is
> > not working right now. Although owner:group is correct for files
> > created via Samba, deleting files from other users fails although file
> > permissions are set correctly.
> >
> > Ideas anybody?
>
> Make different users belong to the same Windows group and map the
> group to a UNIX group.

Maybe this works, but I would definitely prefer a solution where uid/gid information is stored in local files (passwd/group).

Question: is this possible in general? I have not found such a setup on the web ...

Best Regards,
Henrik
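An added example, not written by anyone in this thread: on a POSIX filesystem, deleting a file is decided by the mode of the containing directory (write plus search, and the sticky bit), not by the file's own mode, so the check below evaluates that rule for a user whose groups are resolved through NSS as in the nsswitch.conf above. It assumes plain mode bits only; POSIX ACLs, capabilities and any share-level smb.conf restrictions are not modelled, and the function names are hypothetical.

```python
import os
import pwd
import stat

def may_delete(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """POSIX unlink rule: the parent directory decides, not the file's mode."""
    if uid == 0:
        return True, "root bypasses directory permission checks"
    # Pick the single permission class the kernel applies: owner, group, other.
    if uid == dir_uid:
        w, x, cls = stat.S_IWUSR, stat.S_IXUSR, "owner"
    elif dir_gid in gids:
        w, x, cls = stat.S_IWGRP, stat.S_IXGRP, "group"
    else:
        w, x, cls = stat.S_IWOTH, stat.S_IXOTH, "other"
    if not (dir_mode & w and dir_mode & x):
        return False, f"directory lacks write+search for {cls}"
    # Sticky bit: only the file owner or the directory owner may unlink.
    if dir_mode & stat.S_ISVTX and uid not in (file_uid, dir_uid):
        return False, "sticky bit set and user owns neither file nor directory"
    return True, f"allowed via {cls} permissions on the directory"

def check_path(path, username):
    """Resolve the user and groups through NSS, then test a real file."""
    pw = pwd.getpwnam(username)
    gids = set(os.getgrouplist(username, pw.pw_gid))
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    target = os.lstat(path)
    return may_delete(parent.st_mode, parent.st_uid, parent.st_gid,
                      target.st_uid, pw.pw_uid, gids)

if __name__ == "__main__":
    import sys
    # Usage: script.py /path/to/file username
    print(check_path(sys.argv[1], sys.argv[2]))
```

Run it on the Samba server against a file in the share and a second member of the group; a "lacks write+search for other" result means the group membership did not resolve the way the file listing suggests.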