LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Samba uid/gid mapping (Server to client) problems (https://www.linuxquestions.org/questions/linux-networking-3/samba-uid-gid-mapping-server-to-client-problems-274038/)

mcle 01-05-2005 03:00 AM
Samba uid/gid mapping (Server to client) problems
 
Hi all,

I want to setup a Samba server and some clients. The Samba server was intented to be NT4 style PDC. I decided to use the suggested method of user authentication where the authentication is all over made by the Samba server and I don't have to create all the users on every client (because there are lots of new and leaving users). Login works (there's a problem with creating new local home directories from graphical KDE login screen, see http://www.linuxquestions.org/questi...hreadid=273188 for details), the uid and gid from the server (around 1000) are mapped to some around 15000.
Then I created a share. The clients can connect as wished (log.smbd says something with the uid and gid around 1000), but I wanted to create shares like

Code:
+public share
+--group1
  +user1
  +user2
+--group2
  +user1
  +user3
and work with chmod 770 or something like this to allow users of different groups to access these directories within the shares, and this does not work. I always get the message that it's not allowed to cd into these dirs. ls -l shows for user and group some uid/gid around 1000, effective uid/gid are around 15000.

I'm a bit confused of all this and finally thinking maybe it isn't even possible to do what I'm trying to do.

In case it helps, I have attached the smb.conf files of the server and the client, just let me know if you'd like to see another file like nsswitch.conf (I just added winbind for passwd, group and shadow there).

Thanks in advance,
//mc


Code:
smb.conf of the server
[global]
        workgroup = ***DomainName***
        server string = Samba Server
        allow trusted domains = No
        passdb backend = smbpasswd:/etc/samba/smbpasswd
        username map = /etc/samba/smbusers
        load printers = No
        add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s
 /bin/false %m$
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        idmap backend = idmap_rid:***DomainName***=15000-20000
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        template shell = /bin/bash
        winbind use default domain = Yes
        wins support = yes
        os level = 65

...shares go here.
Code:
smb.conf of the client
[global]
  workgroup = ***DomainName***
  printing = cups
  printcap name = cups
  printer admin = @ntadmin, root, administrator
  map to guest = Never
  wins server = ***ServerName***
  idmap uid = 15000-20000
  idmap gid = 15000-20000
  security = domain
  winbind use default domain = yes
  encrypt passwords = yes
  template homedir = /home/%D/%U
  template shell = /bin/bash
  winbind cache time = 15
  winbind enum users = yes
  winbind enum groups = yes
  idmap backend = idmap_rid:***DomainName***=15000-20000
  allow trusted domains = No

mcle 01-06-2005 07:22 AM
For file works, for dir doesn't work!
 
It turns out that the subject is even stranger.
I created a simple ascii file within the Samba share, chown a user, chgrp the real group, chmod 770. Then I smbmounted the share with another user of the real group and can less the ascii file! But a dir on this share with the same security settings cannot be accessed :confused: :scratch: :cry:

ls -l on the client, in the mounted share:

Code:
drwxrwx---  1 1002 1000 0 2005-01-03 03:52 non-accessible dir
-rwxrwx---  1 1002 1000 4 2005-01-03 05:45 accessible file
Edit:
It also turns out that the server is working correctly as I can access the non-accessible dir from a windows box.
So there must be something with the samba client...

mcle 01-07-2005 08:16 AM
Getting stranger and stranger with every moment I try this...

Logged on at the Samba client, I smbmounted a real Windows network share and - you guess it - it works. I can browse the entire directory tree of this share as I expected.
So for me it looks that the only thing which is not working is the combination Samba Server to Samba Client. Which is rather odd and I thought that would be the easiest thing to do... :cry:

Please help me not to lose faith in linux so quickly...

//mc


All times are GMT -5. The time now is 05:14 PM.