Thursday, February 3, 2011

Configuring samba to change ownership virtually

We have 2 ubuntu 8.04 LTS fileservers running samba version 3.0.28a-1ubuntu4.12, they export samba shares for windows server 2003 machines. There is no windows AD domain, just plain user authentication. From /etc/samba/smb.conf:

[global]
        workgroup = WORKGROUP
        security = SHARE
        passdb backend = smbpasswd:/etc/samba/smbpasswd
        unix password sync = no
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        dns proxy = No
        panic action = /usr/share/samba/panic-action %d
        encrypt passwords = true
        invalid users = root
        hosts allow = 10.1.1.0/24

[md0]
        comment = md0
        path = /mnt/md0/smb/share1
        valid users = user1
        force user = root
        force group = root
        read only = no
        create mask = 0660
        directory mask = 0770
        browseable = Yes

/mnt/md0/ is a raid system and file permissions are root.root for historical reasons.

On a windows server 2003 machine we access the share with a script:

net use t: \\fileserver0\md0 passwordforuser1 /user:user1

On the windows machine we now see Unix user\root as the owner:

alt text

This is logically correct.

But is there a chance to change samba configuration so we see user1.user1 as owner on the windows side instead of Unix user\root?

From serverfault mit

  • First, You could adjust the groupmappings in samba, to adjust the group that will be shown :

    net groupmap add unixgroup=root ntgroup=user1

    Second, You can map individual users by modifying samba.conf by adding 

    username map = /etc/samba/smbusers

    to the [global] section, and then making the file /etc/samba/smbusers containing :

    root: user1
    mit : Thank you. It works for the group but the user that windows sees is still root.
    mit : I tried to change the last line to `root = user1`. Now there is an error on the winodws side when user1 tries to connect. Is there anything more I need to change? Maybe the `force`statement or something in the samba config needs more tweaking?
    Jasper : Do you have any relevant logs on your server about this error?
    mit : I had a look at the logs and could solve it. I had forgotten to update the password with smbpasswd. Thank you.
    From Jasper
Posted by Mu Cat at 8:51 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)