samba "username map" stopped to work after upgrade to 3.6
Posted
by
Kris_R
on Server Fault
See other posts from Server Fault
or by Kris_R
Published on 2013-10-30T15:05:57Z
Indexed on
2013/10/30
15:57 UTC
Read the original article
Hit count: 387
It was time to upgrade our group server (new HDs, problems with old installation of DRBD, etc..).
Going as usually for CentOS i upgraded whole system from 6.3 to 6.4 The later one came with samba 3.6 as the old one was 3.5. I transferred most of users by copying /etc/password
, /etc/shadow
and samba accounts with pdbedit
. Homes were on nfs-drive. The translation of unix accounts to samba accounts are located in /etc/samba/smbusers
.
Strangely enough on some windows clients there was problem to connect to samba-shares. In one case the only thing that worked was, instead of giving windows name, to use the unix account. In another one, it was possible to mount network drive and to open it in Windows Explorer, however other applications like "Total commander" at the attempt of opening this drive gave the message "Cannot connect to z:" (sometimes at this moment user/pass were requested).
The smb.conf
has following entries:
[global]
security = user
passdb backend = tdbsam
username map = /etc/samba/smbusers
...
[Kris]
comment = Kris's Private
path = /SMB/Users/Kris
writeable = yes
read only = no
browseable = yes
users = krisr
printable = no
security mask = 0777
force security mode = 0
directory security mask = 0777
force directory security mode = 0
force create mode = 0775
force directory mode = 6775
The smbusers
:
# Unix_name = SMB_name1 SMB_name2 ...
krisr = Kris
Of course testparm
runs without any errors.
I was used from samba 3.5 to outputs of form Mapped user kris to krisr
. Nothing like this happens now. Just message check_sam_security: Couldn't find user Kris in passdb
. I read on web that some guys had problem with 3.6 and security = ADS
, but these were not helpful for me.
I'm seriously thinking about downgrading back to samba 3.5 but before this step I wanted to ask if somebody knows the solution of these problems.
© Server Fault or respective owner