samba - Jan 2016 - samba 4, openldap and an public folder

Hi,
I have tried and spend some times to find the answer myself but it couldn't
find anything that could solve my issue, so I hope someone could help me
with this, and I am sure this could benefit to other samba users also.
OK, here is the story:
I currently use samba (smbd -V: Version 4.2.4-6.3-3503-SUSE-SLE_12-x86_64)
I have a server where samba is installed and another one where openldap is
running (on a opensuse 42.1). It works as a workgroup and wins server.
Everything works find. Now my goal is to add a public folder where
everybody on the network (even people that do not have an account on the
openldap server) could use.
Unfortunalty, it seems that I could have a public folder where no
authentication is required, a users/profiles folder where authenticated
users are redirected to there user's home folder but not both at the same
time using the configuration below:

(note that I have added manually the "Public" section, other part of
the
config have mostly been created by yast at installation time, I have only
tweak some settings)

[global]
        workgroup = DOMAIN.LAN
        passdb backend = ldapsam:ldap://server01.domain.lan
        printing = cups
        printcap name = cups
        printcap cache time = 750
        cups options = raw
        map to guest = Bad User
        logon path = \\%L\profiles\.msprofile
        logon home = \\%L\%U\.9xprofile
        logon drive = P:
        usershare allow guests = No
        add machine script = /sbin/yast
/usr/share/YaST2/data/add_machine.rb %m$
        domain logons = No
        domain master = No
        idmap backend = ldap:ldap://server01.domain.lan
        ldap admin dn = cn=Administrator,dc=domain,dc=lan
        ldap group suffix = ou=group
        ldap idmap suffix = ou=Idmap
        ldap machine suffix = ou=Machines
        ldap passwd sync = Yes
        ldap suffix = dc=domain,dc=lan
        ldap user suffix = ou=people
        netbios name = DOMAIN
        security = user
        wins support = Yes
        log level = 3
        guest account = pcguest
        interfaces = 192.170.1.8
        name resolve order = wins bcast host lmhosts
[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes
        hide dot files = yes
[profiles]
        comment = Network Profiles Service
        path = %H
        read only = No
        store dos attributes = Yes
        create mask = 0600
        directory mask = 0700
[users]
        comment = All users
        path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/
        hide dot files = yes
[groups]
        comment = All groups
        path = /home/groups
        read only = No
        inherit acls = Yes
[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775


[Public]
        comment = Dossier public
        writeable = yes
        path = /public
        guest ok = Yes
        create mask = 0770
        directory mask = 2770
        read only = No

Can you help?
Any idea and advice will be greatly appreciated :)

Thanks!

Hi,
Forget about this... I found the issue: I don't know how to type correctly
a password (keymap different in windows and my cygwin session). I will stop
work in IT, buy a farm and raise goats instead...
Sorry world! ;)


2016-01-08 13:47 GMT-05:00 Romain Pelissier <romain.pelissier at
gmail.com>:
> Hi,
> I have tried and spend some times to find the answer myself but it
> couldn't find anything that could solve my issue, so I hope someone
could
> help me with this, and I am sure this could benefit to other samba users
> also.
> OK, here is the story:
> I currently use samba (smbd -V: Version 4.2.4-6.3-3503-SUSE-SLE_12-x86_64)
> I have a server where samba is installed and another one where openldap is
> running (on a opensuse 42.1). It works as a workgroup and wins server.
> Everything works find. Now my goal is to add a public folder where
> everybody on the network (even people that do not have an account on the
> openldap server) could use.
> Unfortunalty, it seems that I could have a public folder where no
> authentication is required, a users/profiles folder where authenticated
> users are redirected to there user's home folder but not both at the
same
> time using the configuration below:
>
> (note that I have added manually the "Public" section, other part
of the
> config have mostly been created by yast at installation time, I have only
> tweak some settings)
>
> [global]
>         workgroup = DOMAIN.LAN
>         passdb backend = ldapsam:ldap://server01.domain.lan
>         printing = cups
>         printcap name = cups
>         printcap cache time = 750
>         cups options = raw
>         map to guest = Bad User
>         logon path = \\%L\profiles\.msprofile
>         logon home = \\%L\%U\.9xprofile
>         logon drive = P:
>         usershare allow guests = No
>         add machine script = /sbin/yast
> /usr/share/YaST2/data/add_machine.rb %m$
>         domain logons = No
>         domain master = No
>         idmap backend = ldap:ldap://server01.domain.lan
>         ldap admin dn = cn=Administrator,dc=domain,dc=lan
>         ldap group suffix = ou=group
>         ldap idmap suffix = ou=Idmap
>         ldap machine suffix = ou=Machines
>         ldap passwd sync = Yes
>         ldap suffix = dc=domain,dc=lan
>         ldap user suffix = ou=people
>         netbios name = DOMAIN
>         security = user
>         wins support = Yes
>         log level = 3
>         guest account = pcguest
>         interfaces = 192.170.1.8
>         name resolve order = wins bcast host lmhosts
> [homes]
>         comment = Home Directories
>         valid users = %S, %D%w%S
>         browseable = No
>         read only = No
>         inherit acls = Yes
>         hide dot files = yes
> [profiles]
>         comment = Network Profiles Service
>         path = %H
>         read only = No
>         store dos attributes = Yes
>         create mask = 0600
>         directory mask = 0700
> [users]
>         comment = All users
>         path = /home
>         read only = No
>         inherit acls = Yes
>         veto files = /aquota.user/groups/shares/
>         hide dot files = yes
> [groups]
>         comment = All groups
>         path = /home/groups
>         read only = No
>         inherit acls = Yes
> [printers]
>         comment = All Printers
>         path = /var/tmp
>         printable = Yes
>         create mask = 0600
>         browseable = No
> [print$]
>         comment = Printer Drivers
>         path = /var/lib/samba/drivers
>         write list = @ntadmin root
>         force group = ntadmin
>         create mask = 0664
>         directory mask = 0775
>
>
> [Public]
>         comment = Dossier public
>         writeable = yes
>         path = /public
>         guest ok = Yes
>         create mask = 0770
>         directory mask = 2770
>         read only = No
>
> Can you help?
> Any idea and advice will be greatly appreciated :)
>
> Thanks!
>