Web lists-archives.com

Re: [Samba] doubt




Well, i use samba wiki tutorial, well my actually config:

I use winbind for work with getent searchs. In network no package sssd
installed. I start services winbind, smbd and nmbd

Well, really, about the confusion, I did not understand what you meant.

The other config are not changed, they are the same ones when you helped
the problems of the kerberos.

Last detail, with shared backup, i test with several users: users_1,
users_2 for example, and only users of ad can create, remove, rename paste
and files. This part works perfectly.

My new configs:
##################################
# NSS with Winbind
ln -s /usr/lib/libnss_winbind.so.2 /lib64/
ln -s /lib64/libnss_winbind.so.2 /lib64/libnss_winbind.so
ldconfig

##################################
[global]
       security = ADS
       workgroup = REDE
       realm = REDE.COM.BR

       log file = /var/log/samba/%m.log
       log level = 1

       idmap config * : backend = tdb
       idmap config * : range = 3000-19999   #  I add for 19,999 for search
all users of ad
       winbind use default domain = yes
       case sensitive = no

       winbind enum users = yes
       winbind enum groups = yes

       printing = cups
       load printers = yes

   [backup]
   path = /opt/backup
   read only = No
   create mask = 1666
   directory mask = 1777
   valid users = users_1, users_2

   [printers]
   path = /var/spool/samba/
   print ok = yes
   guest ok = no
   valid users =  users_1, users_2
##################################
Result with smbclient:

 smbclient -L localhost
Enter users_1@xxxxxxxxxxx's password:
Domain=[REDE] OS=[] Server=[]

Sharename       Type      Comment
---------       ----      -------
backup          Disk
IPC$            IPC       IPC Service (Samba 4.6.2)
Ricoh-Aficio-MP-5002 Printer   CEST
Domain=[REDE] OS=[] Server=[]

Server               Comment
---------            -------
AGUA
DELOREAN1            Samba 4.6.2

Workgroup            Master
---------            -------
REDE           AGUA


2017-04-25 11:18 GMT-03:00 Rowland Penny <rpenny@xxxxxxxxx>:

> On Tue, 25 Apr 2017 11:05:20 -0300
> Luiz Guilherme Nunes Fernandes <narutospinal@xxxxxxxxx> wrote:
>
> > Well, i add new configuration in my smb.conf. I try connecting in
> > shared backup, this work with authentication, in shared printers, It
> > prints with anonymous users and when I insert one valid ad user, it
> > prints and displays the following error: "Idle - "Session setup
> > failed: NT_STATUS_LOGON_FAILURE"
> >
> > Another doubt, in directory /var/spool/samba/, no have files, This
> > folder should not have the files? i dont need now add drivers in
> > network.
> >
> >     [backup]
> >     path = /opt/backup
> >     read only = No
> >     create mask = 1666
> >     directory mask = 1777
> >     valid users = user_1, user_2
> >
> >     [printers]
> >     path = /var/spool/samba/
> >     print ok = yes
> >     guest ok = no
> >     valid users = user_1, user_2
> >
>
> Did you copy this from the Samba wiki ?:
>
>        # Default ID mapping configuration for local BUILTIN accounts
>        # and groups on a domain member. The default (*) domain:
>        # - must not overlap with any domain ID mapping configuration!
>        # - must use an read-write-enabled back end, such as tdb.
>        idmap config * : backend = tdb
>        idmap config * : range = 3000-7999
>
> If you did, did you miss (or misunderstand) this:
>
> You must add an ID mapping configuration for every domain in the
> [global] section of your smb.conf file. Please select from the
> following Samba domain back ends:
>
> You need to add either the 'ad' or 'rid' backend lines to your
> smb.conf. You will also need to remove sssd if it is installed.
>
> Rowland
>



-- 
<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>

< Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao
Pai, senão por mim >
                                                             (João 14:6)

                                                                    Att.
                                        ♪ ♫  Luiz Guilherme Nunes
Fernandes  ♫ ♪

<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba