Software :: Mapping Linux Users With Windows Users Using Samba
Jul 11, 2009
I work as a system administrator for AIX and Linux servers. We have an FTP server running on Linux which has folders shared to a Windows domain using Samba. The new requirement is to map users created on the Linux machine to Windows users in such a way that, when a user logs in to a Windows machine with an ID, say "X123" in domain "TEST", his access control to the Samba shares reflects the same user ID created on the Linux machine. (FYI: both the Windows and Linux machines are in the same network and domain.) Please let me know the step-by-step procedure to configure the Linux machine (smb.conf entries or any new file to be created for user mapping) to identify the Windows user login and provide access restrictions accordingly.
Samba is up and running on my PC. The PC runs FC12 with KDE. A laptop has Windows Vista. The PC can access the shares on the laptop, but the laptop has authentication issues accessing the PC. Note that Windows doesn't enforce authentication for incoming network connections. Using the system-config-samba util I tried to map a Windows user to the Unix user "feduser". The laptop (named LAPPY) has a user (lapuser) which has no password on Windows. What should I tell the Samba config the Windows username should be? lapuser or LAPPY\lapuser doesn't work, because when accessing the PC via the laptop, the authentication fails. The only auth that is successful is when choosing the same Windows username as the Unix username.
Secondly, I'd like to set up the laptop so that the user doesn't have to provide a name and password, or at least not more than once in the lifetime of the laptop. Note that you can't provide an empty password to system-config-samba. How is that possible?
Strange, but not really an issue imho: the Samba KDE control module (kcmshall4) (and the smb.conf) shows 2 shares, the homedirs and the data dir; the Samba server configurator (system-config-samba) shows only the data dir.
If I want to add Windows & Mac users as Samba users, must I first add them all as Ubuntu users? If so, since none of the other users will actually be working on the Ubuntu Server, how do I disable the other non-admin users on the Ubuntu Server login screen? I am using Webmin to administer some server settings, and command line for others.
Problem: I need to map directories to a user's home directory when they log in.
For example, I need to map /school/homework/ to user "steve" in his home directory when he logs in. I'm guessing I could use a logon script, but I can't figure out what command I should be putting in the script. I've been searching for hours through man pages and googled it a ton and can't find anything on it.
I'm looking for a script that could help me create Linux users on my server online using a website. Anybody know where I could find one, or how to make it? Not the best with coding, doh.
Is there any way to limit the number of Samba users in Samba? Say there are already 5 Samba users using the share; I would like to restrict any further Samba requests. How do I do that?
How do I create users in pureftpd where the users are stored in a MySQL database? I tried, and when I try to connect I get an "authentication failed" error.
Is it possible to have a folder in user A's GroupWise mailbox that user B can access with as many permissions as user A, but user B cannot access the rest of user A's mail?
I have a Domain Controller installed on Windows and a DHCP server installed on Ubuntu. I want only authenticated users (Active Directory users) to be able to get an IP from DHCP. No one else can. Is there any option available for this in DHCP?
How do I map all domain users from the group Domain Users to the local group users (and maybe some more)? I'm using Ubuntu 10.04 x32. It's connected to my domain using Samba and Winbind. I can log in using my domain credentials and automatically map the user folder from the DFS server, but I think that domain users have too many privileges in the system and I want to restrict them as much as possible.
I have a NIS master server and 4 NIS clients. Of the 4 NIS clients, two are acting as login servers, i.e. users will log in and do all their stuff, and the remaining two are application servers. But sometimes users log into the application servers and start doing all their developer's jobs. I want to allow only a limited number of users to log into this application users, not all the users who are part of the NIS domain. All the systems are running RHEL 5.4 on HP ProLiant x86_64 based servers. Please advise me how I should proceed. Enabling iptables is not possible in my environment.
When I have different people log into our FTP and browse to the same folder, some people see the files inside, some don't. All the user accounts are in the same group, which has permission to this folder, but the one user who can see the files is the owner. How can I fix it so everyone in that group who's the owner of the folder can see the files?
We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
I've done all this config [URL]. This is the config for the "foo" folder:
("pruebas" is a user)
Code:
[foo]
path = /home/pruebas
ready only = no
guest ok = yes
[code]....
I have the [HOME] code too, and everything is fine with it, and I can't connect with another user ("alfredo") from Red Hat to Windows XP with no problem... but as soon as I double click on the "foo" directory, this appears:
[URL]
Already tried to disconnect the directories from Windows with "net use", but it doesn't work.
At my office we have a Samba server; staff access their respective folders from their Windows XP systems. I wish to track all user access activity like file creation, modification, deletion, etc. I tried smbstatus -v, but from the output I am not able to guess what the user did. I am giving some of the results I get; please help me, or suggest the best way to get an access log.
Samba version 3.0.25b-0.el5.4
PID Username Group Machine
14721 govind govind tsl-019 (10.0.2.64)
4832 chandra chandra trivent-9b92c9c (10.0.2.106)
Service pid machine Connected at
All of a sudden, a working Samba server is not allowing logins and denies users permission to access its shares. When I checked, the server directory rights are the same; I found no changes, and smb.conf is also the same. When I checked closely I found the following error.
1. smbd.log shows the following messages
[2011/06/14 16:07:15, 0] lib/util_sock.c:get_peer_addr(1232)
  getpeername failed. Error was Transport endpoint is not connected
[2011/06/14 16:07:15, 0] lib/util_sock.c:read_data(540)
  read_data: read failure for 4 bytes to client 0.0.0.0. Error = Connection reset by peer
[2011/06/14 16:07:36, 0] lib/util_sock.c:get_peer_addr(1232)
  getpeername failed. Error was Transport endpoint is not connected
[2011/06/14 16:07:36, 0] lib/util_sock.c:get_peer_addr(1232)
When I try to add a user to Samba (using the GNOME UI) in F12, after I enter all the information and click OK, it will just hang for about 20 seconds and then do nothing. The window is still there; I click OK again and the same thing happens. Here are the steps I followed:
1) click preferences, Samba Users...
2) click add user
3) select user "joe" (example) from drop down of users
4) enter "joe" windows user name
5) enter password for joe (same as user password)
6) click OK
7) hangs 20 seconds then nothing. Window is still there. Click OK again, same thing, no user added
I have two Ubuntu 10.04 64-bit servers running Samba (3.4.7) and OpenLDAP (2.4.21). The LDAP directory is successfully replicating between the two servers. These servers also serve as LDAP servers for sudo, pam, nss, and other services for a dozen servers without issues. The BDC Samba is configured to use itself for LDAP. I connected to the BDC using the Samba LDAP credentials and verified I could a) see the Computer object b) read NTPassword and LMPassword. The workstations can authenticate to the domain successfully against the PDC. If a workstation boots and connects to the BDC, the login fails with:
Code:
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:336(get_md4pw)
  get_md4pw: Workstation MACHINENAME$: no account in domain
[2010/07/18 11:46:23, 0] rpc_server/srv_netlog_nt.c:584(_netr_ServerAuthenticate3)
  _netr_ServerAuthenticate3: failed to get machine password for account MACHINENAME$: NT_STATUS_ACCESS_DENIED
Successful authentication against the PDC shows:
Code:
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
  MACHINENAME (192.168.2.145) connect to service netlogon initially as user username (uid=30000, gid=512) (pid 1727)
[2010/07/18 11:59:20, 1] smbd/service.c:1063(make_connection_snum)
  MACHINENAME (192.168.2.145) connect to service data initially as user nobody (uid=65534, gid=65534) (pid 1727)
.....
If I try to connect to my Samba server with one user ("alex"), everything works fine. If I try to connect with a different user, ("guest"), I receive the error:
Code:
Retrying with upper case share name
mount error(6): No such device or address
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
Both users have been added as Samba users using `smbpasswd -a`. These are the settings I've added in my smb.conf file:
I have configured LDAP on Debian 5 and Samba on another machine. All servers are running OK, but when I try to add users, it gives me an "unknown user" error.
I want to set a logoff script for Samba domain users. Actually I am facing a huge problem with temp files, so I want to set a batch file which will run when a domain user logs off. When the user logs out, the batch file runs and deletes all temp files. I have already set the batch file in local group policy and it works for me, but I want to set it from the server side.
I have a Samba server running on a Red Hat 5.6 system that provides a large file share to both UNIX/Linux and Windows environments. There are two user accounts that can access this file share:
foo - has full access to ALL files in the file share
bar - has full access to just one directory tree ('dog') in the file share
I created two different mount points, one for foo and one for bar. I've set all of the files in 'dog' to be owned by bar, which works fine for the bar account. The problem is, the foo account can't access the files. Also, foo and bar need to be able to share files, by placing them in the 'dog' directory tree.
I'm not sure how to set this up using standard Samba tools. I've looked in the Samba GUI available with Red Hat, and don't see anything helpful there regarding my need. I've Google'd and have seen references to using ACLs with Samba. Is this the right solution to this problem, or have I missed something?
In other Linux distros I've used, new users are assigned to their own group (i.e. user 'joe', group 'joe') by default. To my surprise, when I create new users with my openSUSE 11.4, they are all assigned to the 'users' shared group by default. To test this, I created a new user called 'friends'. From my terminal, I can see what the new user's files look like:
joe@linux:~> ls -l /home/friends/
total 40
drwxr-xr-x 2 friends users 4096 Sep 3 11:37 bin