Hi,
we use samba 3.5.6 on debian stable. Linux machines
SAMBA1 , SAMBA2 and SAMBA3 joined to W2K3 domain W2K3-DOM
by "net rpc join" and handle linux users with nis ( YP ).
On all samba machines smb.conf includes:
idmap domains = W2K3-DOM
idmap backend = tdb
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config W2K3-DOM : backend = nss
idmap config W2K3-DOM : range = 10000-999999
winbind enum users = Yes
winbind enum groups = Yes
But now we have troubles to access files on some samba pc.
For instance user1 has group software on nis and W2K3.
You see ownership different on these samba pc.
SAMBA1 : user = Unix User\user1
group = software
SAMBA2 : user = SAMBA2\user1
group = software
SAMBA3 : user = SAMBA3\user1
group = software
So Windows user1 has only group access on SAMBA2 and SAMBA3.
When looking for users by pdbedit and wbinfo I got the
follwing output:
SAMBA1:
wbinfo -u : W2K3-DOM\user1
pdbedit -L outputs only local and no yp users
SAMBA2:
wbinfo -u : W2K3-DOM\user1
no output of SAMBA2 users
pdbedit -L outputs user1
SAMBA3:
wbinfo -u : W2K3-DOM\user1
output of local SAMBA3 users but no yp-users
pdbedit -L outputs user1
( but there are only some yp users and all local users )
How and where can I change the behaviour on SAMBA2 and SAMBA3 so that
yp users have access by there username ?
Thanx in advance.
From: Lutz Kittler <l.kittler at sse-erfurt.de> Date: Mon, 14 Nov 2011 13:17:28 +0100> we use samba 3.5.6 on debian stable. Linux machines > SAMBA1 , SAMBA2 and SAMBA3 joined to W2K3 domain W2K3-DOM > by "net rpc join" and handle linux users with nis ( YP ). > > On all samba machines smb.conf includes: > > idmap domains = W2K3-DOM > idmap backend = tdb > idmap uid = 1000000-1999999 > idmap gid = 1000000-1999999 > > idmap config W2K3-DOM : backend = nss > idmap config W2K3-DOM : range = 10000-999999 > winbind enum users = Yes > winbind enum groups = Yes > > But now we have troubles to access files on some samba pc. > For instance user1 has group software on nis and W2K3.(snip)> How and where can I change the behaviour on SAMBA2 and SAMBA3 so that > yp users have access by there username ?If you once enabled Winbind, all group membership that Samba recognizes must be managed on Winbind or Windows. Unix-based group membership (including yp, /etc/group and etc...) is ignored. --- TAKAHASHI Motonobu <monyo at samba.gr.jp>
Hi, and what can I do to set access so users can access their files? Can I install mapping between Windows and yp users or reset winbind users and initialise them from yp? Lutz Am 15.11.2011 00:31, schrieb TAKAHASHI Motonobu:> From: Lutz Kittler <l.kittler at sse-erfurt.de> > Date: Mon, 14 Nov 2011 13:17:28 +0100 > >> we use samba 3.5.6 on debian stable. Linux machines >> SAMBA1 , SAMBA2 and SAMBA3 joined to W2K3 domain W2K3-DOM >> by "net rpc join" and handle linux users with nis ( YP ). >> >> On all samba machines smb.conf includes: >> >> idmap domains = W2K3-DOM >> idmap backend = tdb >> idmap uid = 1000000-1999999 >> idmap gid = 1000000-1999999 >> >> idmap config W2K3-DOM : backend = nss >> idmap config W2K3-DOM : range = 10000-999999 >> winbind enum users = Yes >> winbind enum groups = Yes >> >> But now we have troubles to access files on some samba pc. >> For instance user1 has group software on nis and W2K3. > > (snip) > >> How and where can I change the behaviour on SAMBA2 and SAMBA3 so that >> yp users have access by there username ? > > If you once enabled Winbind, all group membership that Samba > recognizes must be managed on Winbind or Windows. Unix-based group > membership (including yp, /etc/group and etc...) is ignored. > > --- > TAKAHASHI Motonobu <monyo at samba.gr.jp>