Server :: Samba Permissions And UID Mapping Woes
Mar 15, 2010
So I am trying to setup a Samba server to share out our SAN environment to our windows clients. This is my first time playing with samba, so running into quite a few obsticals along the way.
Environment:
SLES 10.3
Samba 3.0x (Original RPMs in distro)
My end goal is to allow anyone in our Active Directory environment to access the shared folders from Samba and map the File permissions to 755 and Directory to 777.First I tried just using Kerberos client and winbind and added it to the AD domain. This worked, but mapped the wrong UIDs (the standard 10000 series). Also the permissions were mapped all wrong.Then I had the great idea to use the Server for NIS on windows 2008, it makes the PDC run a NIS domain that is conjoined to AD. This really didnt work at all. I loaded the AD schema with the correct UIDs and all that good stuff, but didnt seem to take.
So how would any of you approach this?Should I keep trying the NIS config, or use Kerb and winbind? Can a box be part of a NIS domain and AD at the same time?
View 7 Replies
ADVERTISEMENT
Sep 11, 2010
This is a interesting confusing problem.Ok I have group with 3 users.I have a folder in /home with owner as root, and group that has read/write permissions.However if a user opens up a file and saves it via samba, the owner changes to the user, and the group members only have read permissions on the file.
View 4 Replies
View Related
May 20, 2010
I'm attempting to set up a Samba share on my lab's small server (Ubuntu Server Edition, 10.04). It looked easy enough, but the share that I set up didn't allow anyone to actually put anything on it: no uploading stuff, etc. (You can still upload files via the command line, so I implemented the unix extensions = no fix). The share is writeable and visible, and anyone can access it (according to the Samba GUI). According to the smb.conf:
[Share]
path = /home/something/Share
writeable = yes
;browseable = yes
guest ok = yes
The other Windows machines in the lab see the new server and its share automatically, although they can't make changes to it, like create a new folder in the share. Most of my lab uses Snow Leopard (OS X 10.6), and a few others use Windows. I can connect to the server using my MacBook either through the terminal or Finder -> Go -> Connect to server -> smb://blah.someplace.edu without problems.
I can do pretty much anything via the command line, but not through the Finder! If I want to create a new folder, it gives me an old-school error message (stupid blue face): "The operation can't be competed because you don't have the necessary permission." If I want to drag-and-drop a file from my desktop to the Share folder, I get a pop-up window (lock + blue face): "Type your password to allow Finder to make changes." If I do, then I get another pop-up: "One or more items can't be copied to "Share" because you don't have permission to read them. Do you want to copy the items you are allowed to read?"
View 3 Replies
View Related
Nov 17, 2010
I have a file server setup with samba integrated with swat management. The server isn't a domain controller. The file server is working well with the shares all working correctly except for one problem. I would like the users be able to manage the folder permissions from a windows PC. This can be done from a login as the root user if need be but, the key is that the system be manageable from the windows PC.
I have followed the instructions of multiple how to's but still get and error that access is denied when trying to apply permissions. I am able to search the server for users to add and the names resolve. What are the configurations that I should be looking at where the NT permissions in samba are configured. nt acl support is set to yes and any other acl settings used produce the same result.
View 2 Replies
View Related
Mar 19, 2011
I have set up a computer to use as a file server using Samba. I attached a 1TB hard disk to it and had the system to mount it automatically. I have 4 user accounts which will be able to access this network share. An administrator account is called "server". I'll call them user1, user2 user4. This is the folder structure:
+-/mnt/FILES
+-BACKUP
backup files (accessible only to "server" user)
+-MUSIC
music1.mp3 (read only files for all users)
music2.mp3
[Code]...
I don't know which groups I should create. I'm having a hard time setting file/folder permissions. And I wanted to know how to set Samba so that it won't ask for a password when accessing public/group files, but asks for it when accessing private user files.
View 1 Replies
View Related
Dec 30, 2010
I have a Samba server running on a box where I login to admin as user:
FRED
The Samba users are
SUE
JOE - Read only for specified paths (media playback access only user)
SUE can read/write to any directory under the share: Media
So all that is working fine. As long as I do file operations remotely as SUE everything works remotely. How can I make it to where everything SUE does over Samba FRED automatically has permissions to edit when logged in locally (or SSH)? Also, remember, Joe needs to be able to read where specified.
View 3 Replies
View Related
Jan 12, 2011
In my work I want to build up a Linux based network, where windows and linux clients are going to share a Thecus network drive.Each client will have specific permissions for accessing the samba shares. I have installed Ubuntu SRV 10.4 with gui and webmin.
View 1 Replies
View Related
Dec 30, 2010
The current situation:there is a samba PDC with ~50 XP workstations, all working fine for the last two years.The goal:Cycle older hardware back into production by installing ubuntu on them. These workstations must authenticate against the domain, and must automatically mount a public, a user, and a department share that contains folders with various group permissions.The added challenge:Since the office where this lan is located is closed for the next week or so, the ubuntu workstation I am testing with is connecting via a site-to-site VPN. This is soon to be mandated as a requirement anyway, so if not done now it will have to be done later anyway. I mention this since it *may* be something that could be interfering with the success of my mission, however, given what does work, I do not think this is my culprit.
What does work:Thanks to winbind, I can log into the ubuntu workstation via gdm with my domain credentials, and thanks to pam_mount my shares do mount correctly. I take this to mean my pam conf files are correct, along with nsswitch.conf.wbinfo -p, -a, -t, and -u work on the workstation. getent passwd returns DOMusers.listwbinfo -p, -t, -Y, -S, -G, -n, -s, etc, all work on the PDC. getent passwd returns a list from /etc/passwd and getent group returns a list from /etc/group.A remotely controlled windows workstation on the lan works as expected.
It appears that winbind is not able to parse the group permissions at all, not for the user, nor for the folders.The hope:is that someone can say that this problem of group permissions not being recognized has a typical cause (though several hours/days of google searching has revealed no such thing). However, I can provide a great deal of supporting information, as I have gone through documentation and testing extensively (though not extensively enough, apparently). For my own sanity, I put most things I tried into a text document so I could review it and look for errors in judgment, that doc ended up being some 1500 lines long, and doesn't include conf files. Rather than flooding this post, if someone is up for reviewing it, I can definitely make it and further supporting info available...
View 3 Replies
View Related
Feb 10, 2010
After what feels like weeks have tinkering around trying to get a Samba file server set up, I've finally given up! I have 4 drives and 2 groups:
1) Dev - Available to all users in both groups (normal and admin)
2) Misc - Available to users in admin group only
3) Admin - Available to users in admin group only
4) Accounts - Available to users in admin group only
Drives 1 and 2 are working fine, with the correct access rights. Drives 3 and 4 can be browsed by admins only, but no changes can be made at all - files & directories can't be renamed/moved/deleted. What is most confusing is that Drive 2 is set up exactly the same as Drives 3 and 4. The process I went through to get them working:
[Code]...
View 2 Replies
View Related
Nov 24, 2010
i'm setting up a common public folder on a file server, but I seem to be getting some permission differently to what I expected. The folder is /temp which is a separate drive. The fstab entry is:
[Code]....
View 5 Replies
View Related
Jan 28, 2011
OK, this is really little to do with Linux, as my question really involves my Vista Home machines. Anyone know good methods to have Windows Vista (Home Edition) machines stay mapped to a SAMBA share on a Linux server? I'm using user-level security on the server (Ubuntu Server 10.10), and it (generally) works really well, but I can't get the rest of my family to use it, as (understandably), they don't want to have to type in their password to the share every time they log in to the Vista machines (or my one XP machine left, for that matter), plus the problems when it occasionally decides it's already tried to connect once and failed, and refuses to "restore" the connection, ugh. I currently have one Win7 machine, and surprisingly, with the Win7 Home Premium edition, it actually "remembers" the passwords to the SAMBA shares.
View 2 Replies
View Related
Jul 11, 2009
I work as an system administrator for AIX and Linux servers. We have an FTP server running in Linux which has shared folders to Windows domain using Samba. The new requirement is to map users created to Linux machine to Windows users in such a way that, when a user logins into Windows machine with an ID say "X123" in domain "TEST", his access control to the samba shares should reflect based on the same user ID created in Linux machine.(FYI. Both the Windows and LINUX machines are in same network and domain). Please let me know the step by step procedure to configure Linux machine (smb.conf entries or any new file to be created for user mapping) to identify Windows user Login and provide access restrictions accordingly.
View 1 Replies
View Related
Jun 25, 2010
I can not manage file/folder permissions for created shares. I need get access from Win system to Linux shares. Actually I have access to its, but only to read folders and files. I tried to change permissions in create mask = 0765 and set it to 0777, but no success.
1.Added user
# adduser samba
# smbpasswd -a samba #set his password
# smbpasswd -e samba #activating it
2. Installing SAMBA service
[Code].....
Folder /media/DATA/VIDEO not browseable and cant't enter it on Win system. It located on USB External HARD Drive, and attached to Linux system.
View 7 Replies
View Related
Feb 8, 2010
I need to know is there any way to record or tracking or make logging if when user samba delete files or folders i can know that, cause sometimeon samba server some users complain they lost files, though i have daily backup and i can restore their files, i just want to know if or maybe some other users in one group accidentally move or delete the files.
View 1 Replies
View Related
Feb 17, 2011
I have a problem with file permissions over samba. I am running a web server, and this web server needs to be able to delete a file. The php code is correct, because it works on other sites. The php code is failing when it deletes a file because it is being ran as the www-data user. And the permissions on the files that are created on the share are as follows:
ns$ ls -l
-rwxr-xr-x 1 root root 129628 Feb 6 08:16 20110206071748532.pdf
This directory is mounted on:
/var/www/files/23982dbb7a454425ce17a22bedc00776/scanned/AEC_Scans
This is done with the /etc/fstab file:
//192.168.58.2/Scans /var/www/files/23982dbb7a454425ce17a22bedc00776/scanned smbfs username=administrator,password=somepass
[Code]...
View 6 Replies
View Related
Apr 6, 2010
I am using my Red Hat Linux 9 box for samba server. I want to connect samba dir with two different permissions.
View 2 Replies
View Related
Jul 3, 2010
we have configured snv in our server but when we tried to access our svn folder from client its saying path not found error.This is because apache is mapped to tomcat so when we tried to access svn by default it looks to some other path and displaying path not found error.My question is how to restrict apache from forwarding its request to tomcat or else how to stop the tomcat service. I am using centos and i tried with /etc/init.d/tomcat5 stop but it is not getting stopped.
View 3 Replies
View Related
Mar 22, 2010
i have an old desktop that i have decided to use as a central point for localhost/website files. I have 2 laptops, a ubuntu and vista, and i want them both to be able to see the public_html folder on my desktop, and be able to create/update folders and files.
I have set up the samba sharing and that's working fine, but when i create folders using my laptop, they are not writeable to the desktop or other laptop because my laptop is the creator. Is there a way that I can set it so that whenever folders/files are created from either laptop, they have full permissions?
View 2 Replies
View Related
Jun 6, 2010
When I create a new folder on my ubuntu machine and share it with my windows 7 machine using 'net usershare add <dir> <path>', I can't get write perms in Win 7. It keeps giving me a "You need permission to perform this action'. I've chmod the folder to 777 but still no luck.
The funny thing is, it was all working fine until I tried to add a new usershare yesterday (Can't think what I've changed). I use this sharing method to share all of my development /var/www/ folders so I can work on them from my win machine.
I have had a few problems with my samba smb.conf, and it nuked and rebuilt yesterday. I'm fairly new to the Linux game, and this permissions problem has me baffled.
View 1 Replies
View Related
Nov 18, 2010
I am trying to set up a Samba share on one of my machines where I am the owner and a special group manages permissions for read-only access ( me:specialgroup ). If I log into the share as me, there is no problem (I have read/write privs as per usual). However, I am not able to log into the share using any of the group members (there is only one currently). That user is not able to access the share (failed to mount).
The folder (which is the share) is owned by me:specialgroup and the permissions have been forced down the folder. Samba is set to Share this folder with no guest or others write access.
View 9 Replies
View Related
Jan 10, 2011
I have a question regarding Samba Permissions. As the subject described, is it possible to let users read the file but can not copy the file physically? It's fine if they open and copy paste the contents but no physical copy paste and also I need to log the activity of the users. If samba will not be able to comply my needs, could you suggest some programs to meet my requirements?
View 3 Replies
View Related
Jan 14, 2009
I have a user community of about 2000 users and a samba server running on AIX that currently hosts a read-only share for the whole company.
[Released]
path = /mypath
guest ok = Yes
But now I have been requested to make this share available as read-only for some users and completely inaccessible to everyone else. The number of users who will have access is probably a few hundred and I expect users to be added/removed on a daily basis. Some of the users have unix logins, while others do not. Because of this, I hesitate to mess with user mapping because I would have to manage this every day, unless I do something with a script.
Can someone suggest a scheme I can use to deny everyone except for certain users without having to use user mapping?Someone here in my office suggested we use hosts allow or deny, since the users who will still have access are located on the same subnet. However, there is a distinct possibility that a small number of people on a few other subnets will need access. Is there a way I can specify hosts allow but still allow specific users from other subnets?Forgive me if this question has been asked before. I'm sure it must have been, but I am having trouble doing a search of the archives that will give me advice about this particular problem.
View 2 Replies
View Related
May 9, 2011
recently we got a Dell/EMC DX300 storage I want to use it on a HP g4 with CentOS 5.6 and an Emulex LP HBA
* on the storage side the server is logged in, and registered with a RAID6 LUN (0)
* on the server side, the HBA driver (lpfc) is loaded & working
how can I use the SAN directly (WITHOUT multipath/powerpath/... -for first step/testing-)??? I don't have any associated device:
lsscsi:
...
[5:0:0:0] disk DGC VRAID 0226 -
nor in the /dev/disk/by-path or ../* folders
View 5 Replies
View Related
Oct 26, 2010
I'm configuring a postfix server for the company I work for and have a question about limiting access by IP address.
First off, we're not using this for SPAM. We're a manufacturing/direct marketing company and will use the email server to contact our salespeople. We do not send UCE. That said, we have had problems in the past with our legitimate email being labeled as spam by a few carriers. This email server is being setup specifically to avoid future problems on that type.
Because of the nature of our business we operate several domains. We want to be able to limit outbound email for a given domain to a single IP Address. For example, say we have have 3 domains - a.com, b.com and c.com - and 3 IP addresses - 1.2.3.1, 1.2.3.2 and 1.2.3.3. We want to set things up so that a.com can only send out email on 1.2.3.1, b.com can only send out email on 1.2.3.2 and c.com can only send out email on 1.2.3.3.
My first impulse is to set these up as virtual domains on the Postfix server but I'm not sure that's the best method. Are there alternatives? What are your recommendations for doing this?
View 7 Replies
View Related
Sep 3, 2010
How can I set permissions for users within the share?
Example: I have a share called Programming and some user can create folders within it most others can not, can read the documents.
How do I set permissions?
View 2 Replies
View Related
Jan 14, 2010
From a Win 7 client, I can copy/create/delete any files on any share on the Ubuntu Samba server so long that is part of my nix file system which is all ext4.This box also has and NTFS partition on it primarily for storage. I can copy/create/delete anything on this partition form the same Win 7 client with the exception of Quickbook save files.I have scoured the web looking for anything close to this but have yet to find anything that looks similar. Not lloking for a direct answer but if there is anyone else that has issues copying specific types of files to a Samba NTFS partition.
View 3 Replies
View Related
Sep 9, 2010
what I am trying achieve is read/write access for my MS domain account and read-only access for everyone else. In smb.conf I have this:
Code:
map to guest = bad user
usershare allow guests = yes
username map = /etc/samba/smbusers
[code].....
I can access this fine with my MS domain account, what I can't work out is how to give others read-only access to the same share. I guess I could create a second share for the same folder with a different name and permissions, but that seems a bit clunky and I'd have to remember to pass on a different name to the one I am using. I also tried using the Nautilus right-click "Sharing options" and then setting the folder permissions. This works fine for giving others read-only access, but loses capitalisation of the share name and doesn't seem to recognise my MS domain account as being valid.
View 1 Replies
View Related
Oct 13, 2010
I'm trying to set up my samba server so that all the shares are visible to everybody but that some shares can only be accessed by certain users. I have a folder Video that everybody can access without a username or password. I now want to create a share that only I can access called webserver.
This is my samba.conf
Code:
[global]
dns proxy = No
netbios name = DATABOX
guest account = nobody
restrict anonymous = no
browseable = yes
server string = server
workgroup = WORKGROUP
public = yes
security = share
[Video]
Writeable = yes
Path = /media/data/Video
Public = yes
[webserver]
Writeable = yes
Public = no
User = malteser
Path = /media/data/Webserver
Windows does not let me enter a username or password. I'm pretty sure this used to work.
View 1 Replies
View Related
Nov 16, 2010
First let me say that Lubuntu is a lightweight version of Ubuntu, so there is not much point in loading it up with unnecessary packages. If you just want to share printers on a Linux network, you don't need Samba. And if you just want a way that users can "push" files to others on a network, use Giver (+ Avahi) as this is a better option. Especially as it sorts out file permissions for you.
To enable file sharing on a Lubuntu 10.10 machine, go to Preferences > Synaptic Package Manager and add the following:-
* samba
* system-config-samba
* gvfs-bin
* gvfs-backends
...accepting any dependancies, 11 packages in total.
I suggest you re-boot now. As an initial test, go to file manager (pcmanfm) and enter:-
smb://localhost
You should see the local print$ folder listed.
To access folder shares remotely
* open file manager (pcmanfm)
* enter the IP address or computer name of the machine you wish to access
e.g. smb://192.168.0.99 or smb://print-server
To share a folder:-
Go to: Preferences > Samba (enter password when requested)
In the Samba Configuration screen:-
* File > Add Share
* use Browse... to select folder to be shared
* Tick "Visible" and (if required} "Writable"
* In the "Access" select "Allow access to everyone"
Set the Linux permissions:-
* locate the folder to share in file manager
* right click on the folder and select Properties > Permissions
* set the required permissions, e.g. Other: Read & Write (to allow anyone full access)
View 7 Replies
View Related
Mar 28, 2011
Files saved on our ubuntu server via samba server are all being created/saved as read only (-rwxr--r--). The users are MAC Users who are connecting via finder.I have taken 2 steps:First I added the lines "umask 0000" to the .bashrc files in the users' home directories.Second, I have modified the /etc/samba/smb.conf file such that I set "create mask = 0000" and also "directory mask = 0000" but the files are still being created as "-rwxr--r--".
View 1 Replies
View Related
