On Tue Jul 24 15:12:41 2007, Steve Langasek <[EMAIL PROTECTED]> wrote: > > [ Deleted ] > > I'm not sure why plaintext passwords should affect the use of 'valid users = > %S'; that should not change how the username is resolved. > > But why do you have winbind running on a system where you're trying to use > plaintext passwords? Or put differently, why are you using plaintext > passwords on a system that has winbind? > > winbind is for NT domain integration. If you have an NT domain, you > shouldn't need to resort to plaintext passwords; and indeed, I would expect > that 'encrypt passwords = false' would cause problems for the domain > operation. > > [ Deleted ] > > Recent versions of samba fixed a security hole in the parsing of > preexec/postexec commands by trimming all shell special characters. I > believe this includes '>'. You would need to create a short script to > handle the redirection to the named logfile. > > [ Deleted ] > > -- > Steve Langasek Give me a lever long enough and a Free OS > Debian Developer to set it on, and I can move the world. > [EMAIL PROTECTED] http://www.debian.org/ >
Based on what you have suggested, I have done two things: (1) disabled winbindd (2) updated my smb.conf (see below) (3) created a script for the connection logging I had before <=========================v=v=v= Config (v2) =v=v=v=========================> 1>> [global] 2>> workgroup = AlwaysBIG 3>> encrypt passwords = false 4>> root preexec = /bin/bash /etc/samba/connection.sh CONNECT %T %S %P %U %m 5>> root postexec = /bin/bash /etc/samba/connection.sh DISCONNECT %T %S %P %U %m 6>> 7>> [homes] 8>> comment = Home Directories 9>> browseable = no 10>> writable = yes 11>> create mask = 0700 12>> directory mask = 0700 13>> valid users = %S <=========================^=^=^= Config (v2) =^=^=^=========================> As suggested, I disabled winbindd, and tried to include the "valid users" option, but it still failed on me. I couldn't connect to the server, and the symptom is similar to what I had before. I also updated my smb.conf, and revised the "root preexec" and "root postexec" options. I also created a script for doing the logging, but, still, nothing gets logged. I really don't understand why. I am puzzled. Any help?? -- Joe C.K. Yau -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
