| delorie.com/archives/browse.cgi | search |
| X-Spam-Check-By: | sourceware.org |
| To: | cygwin AT cygwin DOT com |
| From: | Andrew DeFaria <Andrew AT DeFaria DOT com> |
| Subject: | Re: Permissions problem - odd setup |
| Date: | Tue, 21 Feb 2006 20:45:13 -0800 |
| Lines: | 50 |
| Message-ID: | <dtgq85$mgu$1@sea.gmane.org> |
| References: | <022120061644 DOT 14282 DOT 43FB438A000B51A1000037CA22007358340A050E040D0C079D0A AT comcast DOT net> <dtfh73$9q0$1 AT sea DOT gmane DOT org> <200602211816 DOT 39039 DOT mailing-cygwin AT schoenhaber DOT de> <dtfj9q$i64$1 AT sea DOT gmane DOT org> <dtgaj5$6es$1 AT sea DOT gmane DOT org> |
| Mime-Version: | 1.0 |
| User-Agent: | Thunderbird 1.5 (Windows/20051201) |
| In-Reply-To: | <dtgaj5$6es$1@sea.gmane.org> |
| X-IsSubscribed: | yes |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
Andrew DeFaria wrote:
> Andrew DeFaria wrote:
>> Markus Schönhaber wrote:
>>
>> Don't know if this is of any help: you can set the SIDs for the user
>> and the user's primary group on the Samba box with pdbedit ... -U
>> <SID> -G <SID> ...Maybe it helps if you use the same SIDs your
>> Windows Domain account has.
> OK, got the admin to do that command. Remapped the drive. Same
> problems. Any other ideas?
It seems that this didn't work because we are using only smbpasswd and
need to update to using tdbsam
(http://swamp.chl.chalmers.se/samba/docs/man/Samba-HOWTO-Collection/passdb.html#pdbeditthing):
tdbsam
This backend provides a rich database backend for local servers.
This backend is not suitable for multiple domain controllers
(i.e., PDC + one or more BDC) installations.
The /tdbsam/ password backend stores the old / smbpasswd/
information plus the extended MS Windows NT/200x SAM information
into a binary format TDB (trivial database) file. The inclusion
of the extended information makes it possible for Samba-3 to
implement the same account and system access controls that are
possible with MS Windows NT4/200x-based systems.
The inclusion of the /tdbsam/ capability is a direct response to
user requests to allow simple site operation without the
overhead of the complexities of running OpenLDAP. It is
recommended to use this only for sites that have fewer than 250
users. For larger sites or implementations, the use of OpenLDAP
or of Active Directory integration is strongly recommended.
Additionally:
The resolution of SIDs to UIDs is fundamental to correct operation
of Samba. In both cases shown, if winbindd is not running or cannot
be contacted, then only local SID/UID resolution is possible. See
resolution of SIDs to UIDs
<http://swamp.chl.chalmers.se/samba/docs/man/Samba-HOWTO-Collection/passdb.html#idmap-sid2uid>
and resolution of UIDs to SIDs
<http://swamp.chl.chalmers.se/samba/docs/man/Samba-HOWTO-Collection/passdb.html#idmap-uid2sid>
diagrams.
Apparently I need to have them switch to tdbsam style backend in order
to set things like SIDs and the like. This might be a hard sell...
--
Don't make no sense that common sense don't make no sense no more. -
John Prine
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |