Web lists-archives.com

Re: [Samba] Samba 4 users - UID/GID - or how to migrate




On Sun, 13 Jan 2019 20:22:22 +0100
Anton Blau via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hello,
> 
> I try to migrate my old SAMBA Installation to a new Installation.
> SAMBA is running. But my Windows users can see the shares but cannot
> open Files.
> 
> My old Installation /etc/samba/smb.con
> 
> ...
> 
> 
>         workgroup = DUCK
>          server string = %h server (Samba, Ubuntu)
>          interfaces = eth0 192.168.1.200/255.255.255.0 localhost
>          bind interfaces only = Yes
>          security = USER
>          map to guest = Bad User
>          obey pam restrictions = Yes
>          pam password change = Yes
>          passwd program = /usr/bin/passwd %u
>          passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>          unix password sync = Yes
>          log file = /var/log/samba/log.%M
>          max log size = 1000
>          time server = Yes
>          unix extensions = No
>          printcap name = cups
>          logon script = %U\logon.bat
>          logon path = \\gustav\profiles\%U\winxpprofile
>          logon drive = z:
>          logon home = \\gustav\profiles\%U\w9xprofile
>          domain logons = Yes
>          os level = 255
>          preferred master = Yes
>          domain master = Yes
>          wins proxy = Yes
>          wins support = Yes
>          usershare allow guests = Yes
> 
> New (Proxmox LXV) with: /etc/samba/smb.con
> 
>         workgroup = DUCK
>          server string = %h server (Samba, Ubuntu)
>          interfaces = eth0 192.168.1.200/255.255.255.0 localhost
>          bind interfaces only = Yes
>          security = USER
>          map to guest = Bad User
>          obey pam restrictions = Yes
>          pam password change = Yes
>          passwd program = /usr/bin/passwd %u
>          passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>          unix password sync = Yes
>          log file = /var/log/samba/log.%M
>          max log size = 1000
>          time server = Yes
>          unix extensions = No
>          printcap name = cups
>          logon script = %U\logon.bat
>          logon path = \\gustav\profiles\%U\winxpprofile
>          logon drive = z:
>          logon home = \\gustav\profiles\%U\w9xprofile
>          domain logons = Yes
>          os level = 255
>          preferred master = Yes
>          domain master = Yes
>          wins proxy = Yes
>          wins support = Yes
>          usershare allow guests = Yes
> 
> I think the problem is the mappig to the uid/gid of the new samba.
> 
> The user "testuser" on the old System has uid 500 and gid 100. I
> created my testuser - who can access on the old Installation on the
> new Installation:
> 
> samba-tool user create testuser --unix-home=/home/gerhard 
> --uid-number=501 --login-shell=/bin/bash --gid-number=100
> 
> 
> What is to to to get full access?
> 

Well, as you are using samba-tool to create users and your last post
was about setting up an AD DC, you could try setting up your Unix
domain member correctly and when you do, do not use such low ID numbers.
I suggest you read this:

https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member

Your smb.conf above is for an NT4-style PDC.

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba