I disabled inheritage for the home share as described in the wiki, so i
don't explained why the user is in double.
wbinfo for all users give me a normal output, getent passwd and id return
nothing (don't need local access on my server so don't use Unix
attribute
on those users, am I right?)
Here is my smb.conf (from with my member server)
[global]
workgroup = CONTOSO
security = ADS
realm = CONTOSO.EXAMPLE
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
idmap config *:backend = tdb
idmap config *:range = 2000-9999
idmap config CONTOSO:backend = ad
idmap config CONTOSO:schema_mode = rfc2307
idmap config CONTOSO:range = 10000-99999
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = yes
winbind expand groups = 4
winbind normalize names = yes
domain master = no
local master = no
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
username map = /srv/samba4/user.map
printing = CUPS
printcap name = /dev/null
[home]
path = /srv/shares/home
read only = no
[marketing]
path = /srv/shares/Marketing
read only = no
[sales]
path = /srv/shares/Sales
read only = no
[legal]
path = /srv/shares/Legal
read only = no
Thanks for your help.
2015-10-09 16:44 GMT+02:00 L.P.H. van Belle <belle at bazuin.nl>:
> Commented between the lines..
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Julien
Deloubes
> > Verzonden: vrijdag 9 oktober 2015 15:45
> > Aan: samba at lists.samba.org
> > Onderwerp: [Samba] Strange problems with my shares
> >
> > Hello guys,
> > I have plenty of problems with my shares.
> > First my env: Samba 4.2.1 on ubuntu 14.04, 2 DC and 1 Domain member
(for
> > the share),Bind 9.9 DLZ for the DNS and winbindd.
> >
> > When i follow the wiki page about settings home directory (
> > https://wiki.samba.org/index.php/User_home_drives) the file system
> > permissions are very strange:
> > In the security Tab:
> > -The proprietary user account appears twice (with one entry with
> > permissions in grey)
> [L.P.H. van Belle] the one in grey is inherited from a previous folder.
>
> > -The first user account i had created in the AD appears with full
access!
> [L.P.H. van Belle] Which account ? named ?
> > -The admin account appears but is disabled
> [L.P.H. van Belle] is guess this was your first account.
>
> > -I had a root account (Unix User\ root)
> [L.P.H. van Belle] you still have.
> > -I had a root group account ((Unix group\ root)
> [L.P.H. van Belle] you still have.
> >
> > Do you have any clues why i have the user account in double, and most
> > important how can another user account have full access to this home
> > directory?
> [L.P.H. van Belle] post the output of
> wbinfo -u | grep username
> id username
> getent passwd | grep username
>
> >
> > Another strange thing: when i set the home folder path in ADUC i had a
> > message telling:
> >
> > The \\server\share_homedir folder already exist. Do you want this user
to
> > be granted full control of this folder?
> [L.P.H. van Belle] can help with that one. A more convinient setup of
> your users home share is : path /home/users/username
> Shared : /home/users as users
>
> >
> > I erase and recreate the homedir according to the wiki and still have
> > issue.
> > I'm very surpised nobody else had this issue.
> [L.P.H. van Belle] post your smb.conf so we know more about your setup.
> >
> > Thanks
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
> [L.P.H. van Belle] Greetz...
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>