Server :: Samba - Groups: Cannot Find Name For Grou?

Feb 2, 2011

I'm having the following problem:I have a machine logging into Win2003, which is working to authenticate. But when any user logs in, it appears some ID's that do not exist.

Example:
root @ ubuntu: ~ # su - nomades
groups: can not find name for group ID 10003

[code]....

View 1 Replies


ADVERTISEMENT

Server :: Samba Force Multiple Groups

Jun 21, 2010

I am currently using the following code in order to set a user's primary group in samba.Code: force group = +group.This almost does what I need but I was wondering if it is possible to list multiple groups. Something like this would be exactly what I need.

Code:#If user is in group1 set it as primary group, if in group2 set it as primary.force group = +group1, +group2. Does anyone know if this is possible or if I could use a script to force the primary group?

View 2 Replies View Related

Server :: Samba Shares And The Notion Of Group Of Groups

Feb 9, 2011

this is really a brainstorming thread seeking advise on how to setup some samba shares within a small office network. For the quick judgers:

-no I'm not an IT expect and I'm not even the IT at the office, I just fill in this gap too.
-I have looked into several samba 'by example' tutorials - none seems to fit my needs or answer some of my Qs.

So I seek advise from your experience: What do I know:

-the functionality of the setgid to have subfolders inherit the group owner of the parent folder
-the fact that I don't want samba in 'share' level in order to register the owners of files
-the functionality of acls that enables inheritance of rwx permissions to subfoldrs of a parent folder.
- the groupmod -o option but that doesn't help apparently.

So this is a 25ppl civil engineer consulting office. The physical groups of ppl working here are: engineers, drafters (those who generate the drawings , i'm not sure if thats the correct term), and secretaries. The job usually is done in the following way, once a project commences a project folder gets generated and everything is done in there. incoming mail arrives there (secretaries put it there), engineers do they calculations on speadsheets, write reports and do draft drawings and, finally, drafters take the draft drawings and finalize them. So pretty much everyone of these 3 groups needs write access to the main project folder.

How do I accomplish that? as which group should I create the project folders? It came to mind the notion of group of groups. Now that the actual owner of the file is not so important anymore (several engineers will need to have write access to the folder) and group becomes important, it would be nice to have the ability to add... groups (instead of users) to groups! so that the permissions to a group are inherited by its children groups... Does such functionality exist of can it be implemented somehow?

How do I go about giving access to everyone and at the same time, NOT giving up on the 'user' secutiry level of samba (and NOT just giving rwx permission to 'others'? Is it possible? or Should I instead forget about individuals and match the 'physical groups' to 'linux users' and 'groups of groups' to 'linux groups'? ( This means I should give on ownership of files by individuals )? Since its a small office some work is mixed - engineers might pickup incoming email, a secretary might do abit of drafting work etcetc.

View 4 Replies View Related

CentOS 5 Server :: Samba 3.0.33-3.29.el5_5 + Winbind: Cannot Use UNIX Groups As Valid Users For Shares

Sep 11, 2010

I have setup a Centos5.5 VMWare guest with Samba and Winbind for Active Directory integration, using GUI tools. Authentication works flawlessly, with automatic home directory creation. What I want to achieve now is using local UNIX groups to controll access to shared folders, to avoid bothering AD administrators with groups management. This is my smb.conf global section:

workgroup = COGITANS
password server = domainserver.hq.cogitans.it
realm = HQ.COGITANS.IT
security = ads

[code]....

'finance' is a local UNIX group where I added user 'COGITANSalberto' (I also tried with 'alberto') as a secondary group (primary group is 'domain users' and it cannot be changed). I am sure the user is added, because it is listed in 'getent group'. If I specify user COGITANSalberto in valid users it works, i.e. only that use can access the share, the others get a NT_STATUS_ACCESS_DENIED error. But if I use +finance, access is denied to everybody, and this is the log:

[2010/09/11 14:12:37, 10] smbd/share_access.c:user_ok_token(211)
User COGITANSalberto not in 'valid users'
[2010/09/11 14:12:37, 2] smbd/service.c:make_connection_snum(617)
user 'COGITANSalberto' (from session setup) not permitted to access this share (finance)

[code]....

It seems like winbind cannot recognize finance as a local group. For the same reason, I guess, 'force group = finance' does not work either (files are created with 'domain users' group ownership). My /etc/nsswitch.conf:

passwd: files winbind
shadow: files winbind
group: files winbind

Grants and ownership on the '/repositories/shared/finance' folder are

root:domain users with permissions 775

View 2 Replies View Related

Debian Configuration :: Samba: Sharing A Folder With Multiple Groups?

Aug 30, 2010

I have a folder, called Vault, that we want to share only with certain people. Because it will contain confidential information.

I want the unix group trustees to have read-only access I want the unix group administrators (and root) to have read/write access

All other users should have no access.

the implementation I have so far is:
folder owner: root:administrators
folder permissions: 770
section from smb.conf

[Code]....

However, this is not working as expected. It currently works as follows:

Normal user: No access (expected) Trustees member: No access (fail. Trustees should be able to read) Administrators member: Read/write access (expected)

View 3 Replies View Related

CentOS 5 :: Get System-config-samba To 'see' Winbind Users And Groups

Jul 14, 2009

I have a Samba File Server that can authenticate users in my Windows AD to log into the server. Anyways, I have a good amount of Windows Admins on staff but our org wants to cut budget so our first "slash" as it were is cutting down the actual Windows based File Servers.So my question is, now that I have this test server up and authenticating for logins using Windbind....is there a way I can get system-config-samba to "see" winbind users and groups so that file servers can still be "point and click" for my Windows Admins?

View 3 Replies View Related

Ubuntu Servers :: Can't Find Samba Server?

Jan 17, 2011

I have Ubuntu 10.04 Server running on an old pc in my basement. I installed samba and samba4 on it. I added users, etc. However, i cannot find it in my network locations on my Ubuntu 10.10 laptop

View 3 Replies View Related

Networking :: Windows Cannot Find IP Address Of Samba Server

Jan 26, 2011

We are running samba on a Fedora release 8 (werewolf). The samba server is located on a dmz subnet off of my Cisco ASA 5510 firewall. From my inside network I have no problems connecting to the samba shares. However when someone uses a VPN connection they cannot connect to the samba share. VPN users are assigned an address from a pool which has no problems getting to the dmz based samba server. All ports required are open on both firewalls (Samba server and PC with VPN connection.) I consistently get an error saying Windows cannot find the ip address of the samba server. I have looked at the samba logs in varlogssamba and found a complete list of connection attempts listed by ip address. These addresses match the pool addresses that are being assigned by the firewall when someone tries to connect using the vpn.

Each entry has this:
lib/access.c:check_access(327)
connection denied from (ip address that is assigned by firewall)
smdb/process.crocess_smb(1062)
connection denied from (ip address that is assigned by firewall)
I checked the smb.conf to make sure the subnet the pool addreses is listed in the global section. It is.

View 7 Replies View Related

General :: Find Log Of Deleted Files From Samba Server?

Sep 16, 2010

How to find detail logs of deleted file or folder from Samba Server?

View 1 Replies View Related

Server :: Samba And Karmic - Can't Find Network Path

Mar 8, 2010

a new hardisk and a reinstall later I find myself face with 2 problems now. firstly I followed, [URL]... which seemed to work fine, accross the network I can "see" all the workgroup computers. Now try login to karmic's or (other linux box) jaunty, can't find network path. tried turning off the firewalls, still no go. the two linux boxes can chat merrily, and the 2 windows boxes can chat, but to each other. however after fidling a bit , on karmic i now get

Quote: Could not display "network:///" Nautilus cannot handle "network" locations

so firstly how do i reinstall everything, the how deal with windows.

View 3 Replies View Related

General :: How To Mount Remote Samba Share From Local Host With Multiple Groups

May 6, 2010

I am using mount.cifs to mount a remote samba share (both client and server are Ubuntu server 8.04) like this:mount.cifs //sambaserver/samba /mountpath -o credentials=/path/.credentials,uid=someuser,gid=1000.I mounted a user from local system with username and password with mount.cifs but the problem is that the user is part of multiple groups on the remote system and with mount.cifs I can only specify one gid. Is there a way to specify all the gids that the remote user has?

Mount the remote samba with multiple groups on the local system?Browse the mount from 1) with the terminal since I want to pass some files from samba as arguments to local programs.which runs through gvfs; but the newer gnome does not write to disk the ~/.gvfs anymore so I can't browse it in terminal. And the last solution would be NFS but that means that I have to synchronize the uids and gids on the local system with the ones from the server.

View 1 Replies View Related

Ubuntu Servers :: Groups: Cannot Find Name For Group ID 10000

Feb 5, 2011

I've installed OpenLDAP and libnss-ldap, as instructed in this tutorial. Then I try to login but I got the error

Code:

groups: cannot find name for group ID 10000

Here's the user and group ldif entry that I use to login

Code:

dn: uid=iwan,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount

[code]....

View 7 Replies View Related

Ubuntu Servers :: Get A List Of Both The Local Groups And The Groups In The Active Directory?

Feb 4, 2011

I already know of a work around to fix this problem, but I guess my question is why is this not working as expected? I am using a Windows Server 2008 R2 Active Directory for authentication.

I have run auth-client-config for the ldap profile and pam-auth-update. When running getent passwd, I get a list of both the local users and the users in the active directory (with populated information in the Unix schema extension). When running getent group I get a list of both the local groups and the groups in the active directory (with populated information in the Unix schema extension).

Interestingly enough, though, when I run su DOMAINUSER, after the prompt for the password I get an authentication error. In /var/log/auth.log I can see an entry with pam_ldap: missing "host" in file "/etc/ldap.conf". The SRV records in the DNS servers resolve correctly. I've checked this with nslookup and I have seen the records within my zone file. Obviously if the ldap.conf file is working with getent and the ldap server is resolving from the SRV records, it is working fine.

The interesting part is that the Windows Server 2008 R2 AD machine shows in the event viewer that there was a successful authentication, yet the Ubuntu box says no. When I add the host within the ldap.conf file, everything works...getent and the actual authentication, either initial login or su.

[Code]...

View 1 Replies View Related

Ubuntu Servers :: Mapping UNIX Groups To Windows Groups?

Oct 12, 2010

I am currently trying to set up a Samba domain server. In the Samba-HOWTO-Collection I found an
example file.(Point 3.3.3.1) In the explanations of the example below, the author says I need to map UNIX Groups to NT Groups. He writes a shell-script of how one could do it, but when I copy it and then execute it, I get the error:

Bad option: rid=512
Bad option: rid=513
Bad option: rid=514

The other groups do get mapped, just the Domain Admins, Domain Users and Domain Guests dont. This is the shell from the HOWTO:

#!/bin/bash
#### Shell-Skript f ̈r sp ̈tere Verwendung aufbewahren
net groupmap modify ntgroup="Domain Admins" unixgroup=ntadmins rid=512
net groupmap modify ntgroup="Domain Users" unixgroup=users rid=513
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody rid=514

[Code]...

View 2 Replies View Related

General :: Samba File Permissions For Multiple Groups In The Same General Path?

Nov 4, 2009

I'm using my Linux (SLES 10) server as a File Server at this point. I need to set File Permissions to nested folders differently to different groups. For example:

homesharedengineering* should be read only for groupA
homesharedengineeringadmin should be read & write for groupB Plus read only for groupA
homesharedengineeringautocad should be read & write for groupC Plus read only for groupA

I've been using Webmin and Putty to set permissions but Putty only allows me the Default Group, it won't allow me to set several groups on the same directory. Webmin seems to allow me to add multiple groups (Webmin --> Others --> File Manager --> Info & ACL tab will provide extended abilities) but when I add multiple groups, they don't seem to take effect? I'm wondering if my setup at the 'Share' level or at the hierarchy of my folder structure (unix based) needs to be set specifically?

View 1 Replies View Related

General :: LFS /tools/bin/groups Not Displaying Supplementary Groups?

Jun 8, 2010

So i am at the stage of about to install the basic system and am using a derivation of the package management provided by Matthias S. Benkmann. To this end I am using his useradd and groupadd scripts to update the files:

/etc/passwd
/etc/group

My issue is that when I run the commands(created as part of temporary system when installing coreutils):

Code:

/tools/bin/su linux
#then as user
/tools/bin/groups

(here linux is the name of the user) This only returns the user being in the group named after user but not the additional group of 'install' Also, prior to logging in as user, if I use this command as root:

Code:

/tools/bin/groups linux

linux install This then returns that the user is in the correct groups. Lines from relevant files look like:

Code:

#/etc/passwd
linux:x:10000:10000::/usr/src/build:/bin/bash
#/etc/group

[code].....

View 8 Replies View Related

Server :: Log User Samba Who Delete Or Move Files/folders On Samba Server ?

Feb 8, 2010

I need to know is there any way to record or tracking or make logging if when user samba delete files or folders i can know that, cause sometimeon samba server some users complain they lost files, though i have daily backup and i can restore their files, i just want to know if or maybe some other users in one group accidentally move or delete the files.

View 1 Replies View Related

Ubuntu :: Setup SAMBA On 8.04.3 Server And XP Says "Windows Cannot Find ' \ubuntushare'....."

Feb 16, 2010

set up SAMBA on 8.04.3 server? I've been at it for literally hours! Here is my smb.conf file:

[Code]...

My server name is "ubuntu", if I try \ubuntushare in XP it says "Windows cannot find ' \ubuntushare'....." All I want is a very simple setup to share my www folder over my private network, really not worried about security as there's only me on it!

View 2 Replies View Related

CentOS 5 Server :: Cannot Create Groups In Directory Server?

Feb 25, 2010

I have a centos 5.4 64-bit machine. I installed the directory server following those steps.
I then added some users using the Centos Management Consolecentos-idm-console -a http://localhost:3890 &

View 3 Replies View Related

Server :: FTP Permissions For Several Groups?

Aug 1, 2010

I have a FTP server (vsftpd), and would like to setup different file permissions for different groups:

-"ftpusers" group should only be able to browse and download.

-"ftpadmins" group should be able to browse, download, AND WRITE (RNFR, RNTO, MKDIR....).

Let's say my main directory is /var/ftp/docs/. It should be accessible by "ftpusers" group, but only writeable by "ftpadmins" group. Other groups or users may not access it. Which permissions and ownership should I give? My problem is that the dir can't be owned by two groups...

View 2 Replies View Related

Server :: Possible To Nest Groups For Users?

Dec 23, 2010

Is it possible to nest groups so that users can access directories owned by other groups?

View 1 Replies View Related

Server :: Add Users To Groups With Ldap?

Jan 18, 2010

how to add users to groups with ldap? Further, could someone point me towards some good command-line management tools? Creating each dn manually is going to get old real fast...

View 14 Replies View Related

Server :: LVM Planning - Disadvantage To More Volume Groups?

Apr 28, 2009

I've been using LVMs on some of my Linux servers for years without fully "getting" them. Doing a lot of things by rote. As I setup a new RAID though, I realize I don't have to be so rigid. I inherited a mission critical server with five independent disks

Code:
/dev/sdb1 /usr1
/dev/sdc1 /usr2
/dev/sdd1 /usr3
/dev/sde1 /usr4
/dev/sdf1 /usr5

I've bought an external RAID5 box that I plan to migrate the data to and was planning on this layout.

Code:
Method 1
VGLogVol
/dev/sdb1/usr1 -> usr1disk1
/dev/sdc1/usr2 ->usr2disk1
/dev/sdd1/usr3 ->usr3disk1
/dev/sde1/usr4 ->usr4disk1
/dev/sdf1/usr5 ->usr5disk1

Mainly because the 1 to 1 correspondence is easy for me to understand, and what I'm used to. But I realize it doesn't have to be that way, and I could have one VG with all the LVMs as parts of it, i.e.

Code:
Method 2
VGLogVol
/dev/sdb1/usr1 -> arrayusr1
/dev/sdc1/usr2 ->arrayusr2
/dev/sdd1/usr3 ->arrayusr3
/dev/sde1/usr4 ->arrayusr4
/dev/sdf1/usr5 ->arrayusr5

Is there any advantage to one way over the other? Would using one VG with multiple LVs be kind of like "putting all my eggs in one basket"? Do more VGs and LVs introduce unwanted overhead into the LV Mgr that should be frowned upon? If both methods are equal, I go with the method1. Just more clear to me. But now that I understand the second, I could go that way, if there's a compelling reason.

View 5 Replies View Related

Server :: Differentiating Volume Groups - New RAID

Jul 1, 2009

I'm experimenting on a new 5.7TB raid we got for one of our servers before it goes into production. I'm carving the space up into Volume Groups and Logical Volumes. Below is some sample output:

[root@server newhome]# vgdisplay
--- Volume group ---
VG Name extraid_sdd1
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 2
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 1
Max PV 0
Cur PV 1
Act PV 1
VG Size 1.82 TB
PE Size 4.00 MB
Total PE 476804
Alloc PE / Size 476804 / 1.82 TB
Free PE / Size 0 / 0
VG UUID LJPJVE-fekS-crS8-uugk-l13z-0NG0-FWv3M3

--- Volume group --
VG Name extraid_sdb1
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 1
Max PV 0
Cur PV 2
Act PV 2
VG Size 3.64 TB
PE Size 4.00 MB
Total PE 953608
Alloc PE / Size 953608 / 3.64 TB
Free PE / Size 0 / 0
VG UUID kzlLN4-PyrX-LYUS-h1Tc-1S9F-jVV0-XU5tcK

Because I created this, I know that the second 3.64tb Volume Group, extraid_sdb1, is composed of two physical volumes, /dev/sdb1 and /dev/sdc1, each one 1.82TB in size. My question is, if I hadn't made this and had to work backward, how could I discover that info? I can see that the second VG is composed of 2 PVs by the "Cur PV" line. But if I didn't know that they are my /dev/sdb1 and /dev/sdc1, how could I break that out, as well as their sizes? If it matters, this system is running FC6.

View 1 Replies View Related

Server :: Restrict Web Accessing To Different Groups For Different Sites In Squid 2.6?

May 19, 2010

i have seven department in my office. i want to restricte web sites for all the departments but not same web sites for all the departments i.e. different sites for different departments.i have no idea about this issue.

View 1 Replies View Related

Server :: Ownership For Multiple Groups To A Single Share?

Feb 4, 2010

I have configured a file server with samba and winbind in RHEL5.I am able to allot permission for the active directory groups to my Linux folder.No issues.But i want to set multiple groups of active directory to get ownership to a single directory. Say there are 3 groups a,b,c to have permissions to a folder of the Linux machine.

Code:

chown -R root:Active_directory_group_name path_to_linux directory

I have set

Code:

chmod 770 /myshare

meaning that user and group would have full rights to /myshare

Code:

chown root:a

works great I tried with the option of

Code:

chown -R --reference=/etc/shares_own.txt /myshare

In reference file(shares_own.txt) i gave the entry as

Code:

root:a,b,c

This is not working.

View 7 Replies View Related

CentOS 5 Server :: Making A Local Repo With Groups?

Apr 9, 2010

i just installed centos 5.4 and trying to make my local repo have groups listing of packages like the mirrors do

so i can make an spin off of the OS to my needs for web servers only / so on but
i cant get my head around the groups making part of the creatrepo

does anyone have any tips or hints or know how to make group listing of the packages

i copyed the DVD to hard drive and the repo .XML files they came with it and tryed that way but no luck yet

im running out of things to try

View 5 Replies View Related

Server :: Importing NIS-Groups From NIS-Server

Jun 4, 2010

I'm trying currently to connect an Ubuntu-Box (10.04) to our NIS-Server.A few (open-)SUSE-Boxes are working since years with that NIS-Server.The (NIS-)Users can now login to the Ubuntu-Machine, but it seems that the Groups of the NIS-Server aren't imported correctly. I have a NFS-Share which I export from the NIS-Server to all the clients..What can be wrong with the configuration of the ubuntu-machine?

View 4 Replies View Related

Server :: File Access Permissions - Working With Groups And Users?

Sep 15, 2009

Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.

Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.

View 2 Replies View Related

Server :: Define A Global Group Made Up Of Other Groups In LDAP?

Apr 13, 2011

I'm trying to create a group called Domain Users, that will include several other groups that are populated with users inside of the LDAP database. In the LDAPdatabase, for a group entry, there are memberUid entries that can be filled. When I try to use another "Group" name, it just lists that name and not the people in that group. So if group "A" has Jim, John, Sue, and I include group "A" in the memberUid of the Domain Users group, I want that to reference the people in that group, not the group name. Testing access right, having the group name listed in "Domain Users" group, does not grant user access under the group rights on a directory. Should be simple, but I don't know the syntax to use for this reference.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved