[Samba] problem with user nobody and net groupmap

This is a discussion on [Samba] problem with user nobody and net groupmap within the Samba forums, part of the Networking and Network Related category; When I do net groupmap add rid=514 ntgroup="Domain Guests" unixgroup=nobody type=d and then try ...


Go Back   Usenet Forums > Networking and Network Related > Samba

Reload this Page [Samba] problem with user nobody and net groupmap

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 04-14-2008
Adam Williams
 
Posts: n/a
Default [Samba] problem with user nobody and net groupmap
When I do net groupmap add rid=514 ntgroup="Domain Guests"
unixgroup=nobody type=d and then try to connect to a share called share
which only allows guest connections with the following permissions:

[global]
guest account = nobody
map to guest = bad user
map to guest = bad password

[share]
path = /samba/admin
force directory mode = 777
writeable = Yes
create mode = 777
force create mode = 777
directory mode = 777
force group = admin
guest ok = Yes
guest only = Yes

I get the error in the samba log:

[2008/04/13 22:27:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2162)
init_group_from_ldap: Entry found for group: 65534
[2008/04/13 22:27:26, 1] auth/auth_util.c:create_token_from_username(1110)
nobody is a Domain Group, not a user

however, if I run net groupmap delete ntgroup="Domain Guests" then I can
connect to the share fine. Why is this? Why can't samba connect as the
user nobody when the nobody group is mapped? nobody is loaded into ldap:

[root@roark samba]# ldapsearch -D
'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b
"uid=nobody,ou=People,dc=mdah,dc=state,dc=ms,dc=us " -w xxxxxxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=nobody,ou=People,dc=mdah,dc=state,dc=ms,dc=us > with scope
subtree
# filter: (objectclass=*)
# requesting: ALL
#

# nobody, People, mdah.state.ms.us
dn: uid=nobody,ou=People,dc=mdah,dc=state,dc=ms,dc=us
uid: nobody
cn: Nobody
sn: Nobody
mail: nobody@mdah.state.ms.us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: hostObject
userPassword:: xxxxxxxxxxxxxxxx
shadowLastChange: 13966
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/sh
uidNumber: 65534
gidNumber: 65534
host: roark
host: archives3
host: arrowhead
host: preshs
host: wmounds
host: manship
host: welty
homeDirectory: /home
gecos: Nobody

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@roark samba]#

[root@roark samba]# ldapsearch -D
'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b
"cn=nobody,ou=Group,dc=mdah,dc=state,dc=ms,dc= us" -w xxxxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <cn=nobody,ou=Group,dc=mdah,dc=state,dc=ms,dc=us > with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# nobody, Group, mdah.state.ms.us
dn: cn=nobody,ou=Group,dc=mdah,dc=state,dc=ms,dc=us
objectClass: posixGroup
objectClass: top
cn: nobody
userPassword:: xxxxxxxxxxxxxx
gidNumber: 65534

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1



--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 10:19 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0