diff options
-rw-r--r-- | docs/Samba3-ByExample/SBE-AddingUNIXClients.xml | 74 | ||||
-rw-r--r-- | docs/Samba3-ByExample/SBE-SecureOfficeServer.xml | 20 | ||||
-rw-r--r-- | docs/Samba3-ByExample/SBE-SimpleOfficeServer.xml | 4 |
3 files changed, 13 insertions, 85 deletions
diff --git a/docs/Samba3-ByExample/SBE-AddingUNIXClients.xml b/docs/Samba3-ByExample/SBE-AddingUNIXClients.xml index 1c4f453b98..a20703af39 100644 --- a/docs/Samba3-ByExample/SBE-AddingUNIXClients.xml +++ b/docs/Samba3-ByExample/SBE-AddingUNIXClients.xml @@ -1035,7 +1035,6 @@ Joined domain MEGANET2. <smbconfoption name="add user script">/usr/sbin/useradd -m '%u'</smbconfoption> <smbconfoption name="add machine script">/usr/sbin/useradd -M '%u'</smbconfoption> <smbconfoption name="add group script">/usr/sbin/groupadd '%g'</smbconfoption> -<smbconfoption name="winbind enable local accounts">Yes</smbconfoption> <smbconfoption name="log file">/var/log/samba/%m</smbconfoption> <smbconfoption name="max log size">0</smbconfoption> <smbconfoption name="smb ports">139</smbconfoption> @@ -2631,79 +2630,6 @@ session sufficient /lib/security/$ISA/pam_winbind.so use_first_pass <question> <para><indexterm> - <primary>winbind enable local accounts</primary> - </indexterm><indexterm> - <primary>/etc/passwd</primary> - </indexterm><indexterm> - <primary>options list</primary> - </indexterm><indexterm> - <primary>ACL</primary> - </indexterm><indexterm> - <primary>share</primary> - </indexterm> - In my &smb.conf; file, I enabled the parameter <parameter>winbind enable local accounts - </parameter> on all domain member servers, but it does not work. The accounts I put in - <filename>/etc/passwd</filename> do not show up in the options list when I try to set an - ACL on a share. What have I done wrong? - </para> - - </question> - <answer> - - <para><indexterm> - <primary>local users</primary> - </indexterm><indexterm> - <primary>local groups</primary> - </indexterm><indexterm> - <primary>UNIX account</primary> - </indexterm><indexterm> - <primary>getpwnam()</primary> - </indexterm><indexterm> - <primary>getgrgid()</primary> - </indexterm><indexterm> - <primary>Identity resolution</primary> - </indexterm><indexterm> - <primary>failure</primary> - </indexterm><indexterm> - <primary>Domain</primary> - </indexterm> - The manual page for this &smb.conf; file parameter clearly says, <quote>This parameter - controls whether or not winbindd will act as a stand-in replacement for the various - account management hooks in smb.conf (for example, add user script). If enabled, winbindd - will support the creation of local users and groups as another source of UNIX account - information available via getpwnam() or getgrgid(), etc....</quote> By default this - parameter is already enabled; therefore, the action you are seeing is a result of a failure - of identity resolution in the domain. - </para> - - <para><indexterm> - <primary>Domain logons</primary> - </indexterm><indexterm> - <primary>Identity resolution</primary> - </indexterm><indexterm> - <primary>Domain</primary> - <secondary>user</secondary> - </indexterm><indexterm> - <primary>Domain</primary> - <secondary>group</secondary> - </indexterm><indexterm> - <primary>UID</primary> - </indexterm><indexterm> - <primary>GID</primary> - </indexterm> - These are the accounts that are available for Windows network domain logons. Providing - identity resolution has been correctly configured on the domain controllers as well as - on domain member servers. The domain user and group identities automatically map - to a valid local UID and GID pair. - </para> - - </answer> - </qandaentry> - - <qandaentry> - <question> - - <para><indexterm> <primary>trusted domains</primary> </indexterm><indexterm> <primary>domain</primary> diff --git a/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml b/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml index 88b3758714..75c57db01d 100644 --- a/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml +++ b/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml @@ -1077,12 +1077,12 @@ Added user <parameter>username</parameter>. <indexterm><primary>file system</primary><secondary>permissions</secondary></indexterm> Create the top-level file storage directories for data and applications as follows: <screen> -&rootprompt; mkdir -p /data/{accounts,finsvcs} +&rootprompt; mkdir -p /data/{accounts,finsrvcs} &rootprompt; mkdir -p /apps &rootprompt; chown -R root:root /data &rootprompt; chown -R root:root /apps -&rootprompt; chown -R bjordan:accounts /data/accounts -&rootprompt; chown -R bjordan:finsvcs /data/finsvcs +&rootprompt; chown -R bjordan:acctsdep /data/accounts +&rootprompt; chown -R bjordan:finsrvcs /data/finsrvcs &rootprompt; chmod -R ug+rwxs,o-rwx /data &rootprompt; chmod -R ug+rwx,o+rx-w /apps </screen> @@ -1106,6 +1106,8 @@ Added user <parameter>username</parameter>. &rootprompt; chown -R root:root /var/spool/samba &rootprompt; chown -R root:root /var/lib/samba &rootprompt; chmod a+rwxt /var/spool/samba +&rootprompt; chmod 2775 /var/lib/samba/profiles +&rootprompt; chgrp users /var/lib/samba/profiles </screen> For each user account that is created on the system, the following commands should be executed: @@ -1578,10 +1580,10 @@ hosts: files dns wins requests only when configured to do so. Ensure that your print queues are set to accept incoming jobs by executing the following commands: <screen> -&rootprompt; /usr/bin/accept qmsa -&rootprompt; /usr/bin/accept hplj6a -&rootprompt; /usr/bin/accept qmsf -&rootprompt; /usr/bin/accept hplj6f +&rootprompt; /usr/sbin/accept qmsa +&rootprompt; /usr/sbin/accept hplj6a +&rootprompt; /usr/sbin/accept qmsf +&rootprompt; /usr/sbin/accept hplj6f </screen> </para></step> @@ -1656,7 +1658,7 @@ application/octet-stream automatically at every system reboot. For example, <indexterm><primary>chkconfig</primary></indexterm> <screen> -&rootprompt; chkconfig dhpc on +&rootprompt; chkconfig dhpcd on &rootprompt; chkconfig named on &rootprompt; chkconfig cups on &rootprompt; chkconfig smb on @@ -1671,7 +1673,7 @@ application/octet-stream Execute each of the following in the sequence shown: <screen> -&rootprompt; /etc/rc.d/init.d/dhcp restart +&rootprompt; /etc/rc.d/init.d/dhcpd restart &rootprompt; /etc/rc.d/init.d/named restart &rootprompt; /etc/rc.d/init.d/cups restart &rootprompt; /etc/rc.d/init.d/smb restart diff --git a/docs/Samba3-ByExample/SBE-SimpleOfficeServer.xml b/docs/Samba3-ByExample/SBE-SimpleOfficeServer.xml index d45a3f02a4..1585084e0f 100644 --- a/docs/Samba3-ByExample/SBE-SimpleOfficeServer.xml +++ b/docs/Samba3-ByExample/SBE-SimpleOfficeServer.xml @@ -1161,7 +1161,7 @@ Added user "LoginID" <screen> &rootprompt; mkdir -p /data &rootprompt; chown alan /data -&rootprompt; for i in james suzy ursula peter dale eric jeannie russell +&rootprompt; for i in james suzy ujen peter dale eric jeannie russ > do > mkdir -p /data/$i > chown $i /data/$i @@ -1259,7 +1259,7 @@ application/octet-stream Make certain to check the ownership and permissions on all files. If in doubt, execute the following: <screen> &rootprompt; chown alan /data -&rootprompt; for i in james suzy ursula peter dale eric jeannie russell +&rootprompt; for i in james suzy ujen peter dale eric jeannie russ > do > chown $i /data/$i > done |