OpenSUSE Network :: Laptop Samba PDC User And Local User Access Their Own Data?
May 30, 2011
Take a physical user FRED. FRED is a linux user ( known by linux on his laptop ) FRED is a Samba user ( Known by samba on the samba pdc server ) When he logs locally (with username/password) on its standalone laptop (with no network), he is known as FRED:user. He access his data in /home/FRED/. When he logs through samba (with username/password) on the domain MY_DOM, he is known as MY_DOMFRED:MY_DOMdomain user. He access his data in /home/MY_DOM/FRED/. ) Is it possible that the human FRED has only one repository and have full access to its repository regardless of how it was connected. If yes, how to do it
2) If not, Is it possible that the human FRED has full access to /home/FRED/.............. and /home/MY_DOM/FRED/.
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.
Continuing with my assigned task of migrating the company's PCs to GNU/Linux (openSUSE as server for GNU/Linux clients) I managed to set up a DC with roaming profiles for the few remaining Windows users, user validation and login for the openSUSE boxes and a few network shares with different rights. I know there are no roaming profiles for GNU/Linux and I can live with that but I would like to specify wich users/groups would have their home directories saved locally (notebook users) and which will save them on the Samba server.
By default home directories are saved locally but somehow Samba creates a minimal home directory for each user under /home in the Samba server. How can I tell the client box to use that directory? and how can I set up the few notebook users to save it on their disks? Maybe using the options under Yast > Security... > Users and groups management > Users (LDAP Users filter) > and then select the user and use the "Manage Samba account parameters" plug-in for specifying the different paths cant achieve this.
I have already windows 2003 server with active directory, with 200 + user accounts and each user has allocated a specific disk quota. Now i want to install suse on client side so that it can do all same things as windows clients does(active directory login and disk quota). I have downloaded 11.2 suse linux and installed all samba required pakages and also joined the windows domain (2003 server). how can i access my user space located on win 2003 server from my linux client machine.
Is it possible to give user only FTP access / browsing rights for certain directory within /srv/www/htdocs and prevent same user to browse all other directories, even user's /home directory on that server?
The goal is the following: I want one samba network share with all my family data. Multiple users should have access to this share from Win7 pcs but not all folders should be access able by everyone. The old windows server managed this by changing ntfs rights for these folders.
I've installed Samba and this recommended gnome utility (Ubuntu 10.4). First for testing I made a samba share with access right for everyone. Everything fine on Win... Then I only allowed for my user. Also worked after a little bit of playing with the global samba settings and the pw encryption... Then I created a new ubuntu user and configured a new samba user with the connection to this ubuntu user (like described in many tutorials using the samba config tool). I changed the access right of the samba share to allow the new user also but no connection was possible. At this point the original user was working from the same pc without any problem.
I started thinking of the windows time and decided to search for the file system rights like it was with the ntfs. I'm using ext4 by the way. I made chmod 777 -R from the new users login... (i'm not sure why there is no user dependency for chmod) I used chown -R but it seems that there is only one owner allowed so I switched back to my main user... I installed an additional feature called ACL and was able to set users and groups for the root folder but there is no possibility to recursively change all subdirs. I used such a ACL gui extension for gnome which is in the ubuntu repository to do that. It also wasn't helping for the problem that the new user has no access to the folder (even if I change the rights manually)
User A & B have access rights at least for the root of the share. Both users have a ubuntu and a samba account. Only user A is working with samba.
I've spent the last four hours trawling through the net looking for a solution to this. I know it's out there, I just can't find it. In Ubuntu 10.10 I have just created a windows network in Samba. I can see the network and my computer. The computer next to me can also connect to this Windows network. He can also see the network and he can also see me, but... How does he join the network so that I can see him? I just can't seem to add him.
Original HOWTO can be found at: [URL]... So the other day I was in IRC and someone had brought up a problem where they created a new Administrative user, but didnt have rights to use sudo. Looked into the problem a little bit to figure out what was wrong, and it turns out that when you create a new user through the user manager (in kubuntu, anyways. Havent tested in Gnome.) the user gets added to the adm group, however, a quick look at the sudoers file shows that its looking for users in the admin group to allow the use of sudo. So, to solve the problem we do the following: If youre on the new admin user (which Im assuming you are) use the following commands:
Code: su [insert username of old account without brackets] sudo usermod -G admin [username of new admin account without brackets] exit
Then simply logout, and then log back in (not always necessary, but the easiest way to flush the permissions.)
Code: su [insert username of old account without brackets] Means were going to Switch User to the old admin account Code: sudo usermod -G admin [username of new admin account without brackets] This simply adds the admin group to the secondary group list for the new user Code: exit Pretty self explanatory
I am currently working on a project related to packet sniffing which has been implemented using the concept of raw sockets. I am using C language.I am able to decode the following details from the packets received from a local network,like:
source and Destination Mac Address source and Destination IP Address source and Destination port no
But I am having trouble in decoding the domain name when an user in the local network is logging onto internet.For eg. if a user in the local network is trying to log on to web using his browser say if he has logged on to url then from the packet I need to get the following details
source Mac Address from which user had logged on source IP Address from which user had logged on domain name
I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
I want to set samba to act as domain controller PDC.Is it possible to create user profil in samba with rights to change network settings but not install software, create users.Something like network admin that is like normal user but he is able change network settings.
I'm running CentOS and I get an error when I plug in my usb flash drive.
A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface org.freedesktop.Hal.Device.Volume member Mount error name (unset) destination org.freedesktop.Hal)
How would that work when all of the users are network users(openldap)? So these are not local accounts.
I was using Ubuntu and installed Opensuse 11.4. I have installed Pidgin 2.7. I copied the old .purple directory from Ubuntu into my Opensuse home directory. But now the Pidgin is not reading the data, logs and configuration from the .purple directory.
Attempting to set up a Samba network from my SuSE 11.2 desktop to a windows laptop. Using YaST, a Samba server has been created, and allow users to share has been clicked. Identity is not a domain controller. no trusted domains have been set, and no LDAP settings have been set.
Right now, each computer can see the other over the network. When clicking on the network from windows, a window pops up requesting a user and password.
Konqueror sees both computers under smb://. It also has a window that pops up requesting user name and password. Where do I set up these user names and pass words?
I upgraded a Guruplug Display machine running Lenny to Squeeze. It's running Linux on a MicroSD device, running an ARM-cpu.
# uname -a Linux gplugD 2.6.29 #1 Wed Feb 16 17:59:04 IST 2011 armv5tejl GNU/Linux yeri@gplugD ~ $ cat /etc/debian_version 6.0.1
However, after rebooting, every non root user was unable to access anything related to the net.This means, DHCP failed to auto start, ntp is giving errors, etc
# ntpq -p localhost: timed out, nothing received ***Request timed out
Mar 27 06:07:44 localhost ntpd: ./../lib/isc/unix/ifiter_ioctl.c:348: unexpected error: Mar 27 06:07:44 localhost ntpd: making interface scan socket: Permission denied Mar 27 06:07:44 localhost ntpd: Too many errors. Shutting up.
gplugD ~ # ping 126.96.36.199 -c 1 PING 188.8.131.52 (184.108.40.206) 56(84) bytes of data. 64 bytes from 220.127.116.11: icmp_req=1 ttl=58 time=42.1 ms
When I start an upgrade or dist-upgrade from single-user mode, and walk away for a long time, I will have found that some packages insist on prompting for answers to questions midway through. That requires me to physically check the console periodically, and that becomes less practical for long upgrades.Is there a way for me to somehow remote into that console and answer any prompts that would popup? By "way" I mean not involving KVM switches or other hardware other than the LAN setup I have now (i.e., I am able to ssh into the machine being updated from another machine, but not when the machine is in single-user mode).
BTW, the reason I am using single-user mode is that, in the past, I have had problems with upgrading packages like GNOME when I am logged into the GNOME Desktop.
I managed to damage my 11.2 installation so it starts in the GUI mode only in failsafe mode. Actually I tried before to repair the installation, using the install DVD, but the automatic repair procedure failed. More than that, since then boot loader also seams to be "repaired" so that the Windows installation doesn't appear in the boot menu, but this is another thing.For me, now, the fastest way to get a stable system is to make a new installation. The biggest problem is that I cannot save/backup the emails and accounts settings in an elegant way. I'm using Thunderbird. Of course I would also like to save other apps settings.So is there a way to save user application settings so that I can used them after a new install? I had a look to the yast backup tool but these seams to be a way to archive files, or am I wrong?
How to create a user account on a Linux desktop machine with restrictions on connecting to the LAN, WAN, PCMCIA ports, Firewire, CDROM and generally any user controllable output options?
I have the task to set up a machine for users working with sensitive data that should not be leaving the machine where it is processed. This means disabling access to the ethernet device, lan, all other ports as mentioned earlier, and any other way of leaking the data.
In Mac OSX this was achieved using "Parental controls" from the System preferences; this even allows a selection of the applications that can be used. Under XP, Device Manager offers the option to click various devices and "Disable" them, which worked so far just fine. Some will point out that the latter mentioned OS may be easy to circumvent the security of in other ways, but that has been mitigated with other measures and it's not the point anyway. For the operator users in question, the aforementioned measure proved successful and worked.Using OSX and XP to do this was a 10-15 minutes job with testing included.
So far all guides and tutorials pointed to useradd, groups an facl, but in actual practical terms did not help at all, in fact most of the research did not render any practical results so far. I surely don't expect to point and click, and would gladly run a set of commands from CLI. If I had them. I would really would like to achieve the same restricted user account configuration in a concise, comprehensive and practical manner under Linux too. Preferably tested on humans before, and known to be workign, of course. The machines that need to be set up are two laptops running Ubuntu. So how can this be accomplished in Linux?
I am working as a Linux administrator in a very small data centre with 5 servers with following routine tasks.
1. Managing SAMBA shares and giving user specific access for the shares. 2. Scheduling backup of some mount points with rsycn to store data in remote hard disk 3. User and group administration, with sudo access. 4. Creating and Managing Xen Virtual machines and giving access to other project teams. 5. Automating some tasks with Shell Scripting. 6. Managing FTP server for user uploads.
I have practiced a lot in my home laptop without RHEL training, Cleared RHCE and LPIC1. I want to do some advanced system admin tasks, but do not have option in my current data centre. With Above skills is it possible to get a job ?
Installed a security update for samba tonight via Opensuse updater.Now, when trying to access my home network an authentication box pops up (never used to)Asks me to enter authentication for my home network.I enter my username and password and hit enter. After a few seconds the authentication box pops up again askingfor the same indicating I have entered the wrong username / password combination (which I know I have not).
I'll try not to be too wordy. Want to get my openSUSE 11.2 (fresh install) laptop to see my network shares ...not to be a server or share any files. I've looked at 50 websites and everything seems to be "server" and "share" oriented. Maybe I (newb) am confused by the terminology...
I have a router that provides DHCP. My LAN PC's consist of a Vista laptop, an XP DAW, and a Kubuntu file server. Somehow I got Kubuntu configured properly, all of the Windows machines can access it and vice-versa. The Kubuntu smb.conf does not work on this laptop, and it seems overkill -no shares needed here. And yes, I get DHCP and interweb on the laptop -posted this with it.
All I want is access to my (other) network drives from this (openSUSE 11.2) laptop. Not a server, not to share. This is easy... right? It's driving me nuts Is there a Samba configuration that will let me jump onto networks and surf Windows/Samba shares like any old Windoze box browsing Network Neighborhood? Do I have to be a Samba guru?
what is the correct way/procedure to re-create a user home directory. For instance, on a Mac/Windows machine, i would just rename the existing user profile [home dir], and then just log back in as the user - job done. On OpenSuse/Linux, it seems it does not work that way..?! When i try to rename my home folder to say me.old via root, and log back in as me, i get all kinds of errors. Opensuse does create a new home dir, but it appears not properly.