HPE Community
Operating System - HP-UX
1827283 Members
3444 Online
109717 Solutions
New Discussion

Samba - Users can't access their files

 
Coolmar
Esteemed Contributor

‎10-13-2005 05:22 AM

‎10-13-2005 05:22 AM

Samba - Users can't access their files

I have samba setup on my HPUX 11i system with Domain security. My users can connect to the shares and copy files in and out without a problem. Where the problem starts is that after they copy a bunch of files into the samba share from Windows, they then login to the unix system and go into the directory/share and their files are all owned by their winbind name (ie: DOMAIN/usera). So when they try and chown the file to the unix userid "usera" they are told they can't because they dont' own the file. Also, other applications will not work with these files because they don't have the correct owner. The strange thing is that they can delete/mv/modify the files. So I don't understand why they can't "chown". Any ideas?
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎10-13-2005 06:34 AM

‎10-13-2005 06:34 AM

Re: Samba - Users can't access their files

Your users are logging onto the domain and doing file manipulation via domain security.

After logging into Unix the user is not using domain authentication but local(I surmise).

I'm guessing authentication of the users is not happening on the network.

Under this guess there is no way for the system to know these users are the same as the network users that placed the files.

There are ways around this such as having the Unix system authenticate non system users on an external LDAP/ADS server.

The problem under my guess scenario is that the numeric user id on both systems do not match. Samba has a scheme to create compatibility but it doesn't always get down to the numeric unix user number. Thats what your system cares about in your example above.

\
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Coolmar
Esteemed Contributor

‎10-13-2005 07:42 AM

‎10-13-2005 07:42 AM

Re: Samba - Users can't access their files

Well one thing I found that I think is the root of the problem is that all the userid were setup with uids in the 10000-20000 range which is the same range as the idmap in the smb.conf. So can I change the idmap to 100000-500000? I would rather that than change all the uids as that may cause file permission/access problems. I did try and change the idmap to the above and it is still mapping the uid to 10000.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-13-2005 10:05 AM

‎10-13-2005 10:05 AM

Re: Samba - Users can't access their files

I'm not sure what will be accomplished by changing the id mapping.

The real answer is creating some kind of mechanism where the local unix id is recognized as the same on the network and local machine.

That involves some kind of integration.

I'm providing you some links that might help with either uid mapping or actual integration. Your system. Your choice.

http://www4.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D127493%26qt%3D%252BSamba%2B%252Buid%2B%252Bmapping%26hit%3D1&aid=SEARCH_FORUMS&pil=1&serStr=Samba+uid+mapping&pir=1

Active Directory Integration.
http://www4.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D792689%26qt%3D%252BSamba%2B%252Buid%2B%252Bmapping%26hit%3D3&aid=SEARCH_FORUMS&pil=3&serStr=Samba+uid+mapping&pir=3

http://www4.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fdocs.hp.com%2Fen%2FB8725-90079%2Fch04s07.html%26qt%3D%2BSamba%2Buid%2Bmapping%26hit%3D2&aid=SEARCH_MANUAL&pil=6&serStr=Samba+uid+mapping

Possibly similar error
http://www4.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D780819%26qt%3D%252BSamba%2B%252Buid%2B%252Bmapping%26hit%3D2&aid=SEARCH_FORUMS&pil=2&serStr=Samba+uid+mapping&pir=2

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.