Good Morning,
I set up several Samba shares several months ago and these were working as
expected until recently. Then I started notincing that the users dod not have
the access they should have had based on owner / group priveledges.
A day or so ago I created a directory via the shared interface (i.e. not on the
server directly!) and noticed that, instead of my username the owner was
DOMAIN\username.
I dug into the log files and noticed that, up until the 24th of June, the log
contained entries such as:
[2011/06/24 07:30:42.960995, 1] smbd/service.c:1070(make_connection_snum)
__ffff_172.28.164.129 (::ffff:172.28.164.129) connect to service tools
initially as user USERNAME (uid=0, gid=110) (pid 1684)
On the 27th it suddenly became:
[2011/06/27 07:27:16.942121, 1] smbd/service.c:1070(make_connection_snum)
__ffff_172.28.164.129 (::ffff:172.28.164.129) connect to service tools
initially as user DOMAIN\USERNAME (uid=10004, gid=10004) (pid 17600)
The Windows Network types assure me that nothing had changed on thier side.
I did notice that I had a message concerning a change in Samba and have
subsequently added the "map untrusted to domain = yes" to my smb.conf and
restarted both samba and my client (to force a new login), but the result is
the same.
Here my smb.conf:
[global]
realm = DOMAIN.DOMAIN
workgroup = WORKGROUP
server string = %h Debian Development Server
interfaces = 172.20.32.27/24, lo
security = ADS
auth methods = guest, sam, winbind
obey pam restrictions = Yes
password server = dueads03 dueads04 dueads05
passdb backend = smbpasswd
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
name resolve order = lmhosts host wins bcast
printcap name = cups
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
username map = /etc/samba/smbusers
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
map untrusted to domain = yes
template shell = /bin/bash
template homedir = /home/%U
[homes]
comment = Home Folder
valid users = %S
read only = No
create mask = 0750
browseable = No
volume = %U Home
[netlogon]
comment = Domain Logon Service
path = /home/samba/netlogon
valid users = %U
admin users = john
write list = @admins
read only = No
guest ok = Yes
browseable = No
locking = No
[profiles]
comment = Users profiles
path = /home/samba/profiles
create mask = 0600
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[opt]
comment = Application Files
path = /opt
admin users = john
read only = No
create mask = 0775
[projects]
comment = Application Files
path = /proj
admin users = john
read only = No
create mask = 0775
[tools]
comment = Application Development Tools
path = /data/tools
admin users = john
read only = No
create mask = 0775
I have searched, but I not able to find anything the seems relevant to my
problem.
Any ideas?
Thnaks in advance ...

John
----
Who is General Failure, and why is he reading my hard disk?
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive:
http://lists.debian.org/718413D5BCF618498A68930091C4BE9B05E2FE09@dueexs01.bertschi.domain
