This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Cygwin, samba, smbntsec and domain groups
- From: Dan Alderman <d dot alderman at 180sw dot com>
- To: cygwin at cygwin dot com
- Date: Fri, 13 Aug 2004 11:31:56 +0100
- Subject: Cygwin, samba, smbntsec and domain groups
Hi guys and girls,
I know from looking at the lists this topic has been covered many times
before, but I don't seem to be able to find the answers I'm looking for,
or at least I'm missing them. Sorry if this has already been covered
and I missed it.
Background.
===========
I have a small network of developers who need to use windows machines as
some of the tools we require are Windoze only :-(. Being a bunch of
Linux people we opted to try and do everything under Cygwin using make
etc so our build system works on both platforms. So far so good. In an
effort to keep things neat and tidy I have created a Samba PDC so user
profiles follow people around, and people work on the same filestore
regardless of being on Windows / Linux. The Samba server is a Debian
Woody box using Samba 3.0.5 from www.backports.org.
I have pasted in my configuration for the Samba server at the end of the
email under the section "Configuration and tool output".
Domain logons seem to be fine, profiles are being saved correctly and
windows usage itself is hunky dory.
The output from cygcheck -s is at the bottom underneath the smb.conf.
The problem.
============
My Samba server has the group mapping database populated, this is the
entry for my user in the group map.
dan (S-1-5-21-283032880-4000665858-140500845-3001) -> dan
This is the output from pdbedit for my user
Unix username: dan
NT username:
Account Flags: [U ]
User SID: S-1-5-21-283032880-4000665858-140500845-3000
Primary Group SID: S-1-5-21-283032880-4000665858-140500845-3001
Full Name: Dan Alderman
Home Directory: \\gawain\dan
HomeDir Drive: j:
Logon Script: logon.bat
Profile Path: \\gawain\profiles\dan\
Domain: 180SOFTWARE
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 03:14:07 GMT
Kickoff time: Tue, 19 Jan 2038 03:14:07 GMT
Password last set: Thu, 12 Aug 2004 13:23:57 GMT
Password can change: Thu, 12 Aug 2004 13:23:57 GMT
Password must change: Tue, 19 Jan 2038 03:14:07 GMT
Last bad password : 0
Bad password count : 0
There actually seems to be a few problems with the setup, but I'm not
sure if they are related.
First of all there seems to be an inconsistency with the Cygwin tools
for creating the passwd and group files.
If I run mkpasswd -d to get my domain user details I get
[dan@ironside j] $ mkpasswd -d
dan:unused_by_nt/2000/xp:13000:13001: \
Dan Alderman,U-180SOFTWARE\dan,S-1-5-21-283032880-4000665858-140500845-3000: \
//gawain/dan:/bin/bash
And then for the group details I get this
[dan@ironside j] $ mkgroup -d
dan:S-1-5-21-283032880-4000665858-140500845-3000:13001:
You may have noticed that this seems somewhat inconsistent as according
to the groupmap output my group id is this (notice the 3001 on the end)
dan (S-1-5-21-283032880-4000665858-140500845-3001) -> dan
Does this mean there is an off by 1 error somewhere in the tools? If I
put these entries as shown into /etc/group and /etc/passwd respectively
an ls in a cygwin terminal gives me:
-rwxr--r-- 1 dan ???????? 0 Aug 13 09:52 test
This is with the CYGWIN variable set to smbntsec. If I edit /etc/group
manually and change the line to read:
dan:S-1-5-21-283032880-4000665858-140500845-3001:13001:
(Notice the ...140500845-3000 is now ...140500845-3001) I get sensible
output from an ls -l as shown. The permissions even match what is on
the server :-)
-rwxr--r-- 1 dan dan 0 Aug 13 09:52 test
Is this to be expected, has it been seen before? Could something be
corrupt somewhere or is this just a bug? I also cannot chown the files
from the Cygwin terminal, I get permission denied. Is that expected?
I also have a problem with XEmacs on Cygwin. I installed using the
"all/unix" mode rather than "myself/native". XEmacs seems unable to
write a file on the network share, whenever it tries I get a
Opening output file: Permission denied, /cygdrive/j/.xemacs/recent
(That error was created when trying to exit, I ended up having to kill
the process).
I shall try XEmacs using the native mode install and see if that makes a
difference, but I'd really like to use the non native version as the
path names are unix style.
If anyone can help shed some light on the situation it would be most
appreciated, I been trying to fix this for almost a week now and it's
getting very frustrating.
Many thanks for taking the time if you got this far :-) Any help is
most appreciated.
Kind regards,
Dan.
Configuration and tool output.
==============================
1: smb.conf.
============
[global]
workgroup = 180SOFTWARE
server string = %h server (Samba %v)
interfaces = lo, eth0
bind interfaces only = Yes
obey pam restrictions = Yes
passdb backend = tdbsam:/var/lib/samba/passdb.tdb
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
username map = /etc/samba/smbusers
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 10000
name resolve order = host bcast
load printers = No
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
logon script = logon.bat
# Seperate out the profiles per machine for now as we have a mixture of 2K XP at the moment
logon path = \\%L\profiles\%U\%m
logon drive = j:
logon home = \\%L\%U
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
idmap uid = 15000-20000
idmap gid = 15000-20000
hosts allow = 192.168.1.0/255.255.255.0, 127.0.0.1/255.0.0.0
hosts deny = 0.0.0.0
[homes]
comment = Home Directories
path = /home/users/%u
read only = No
browseable = No
guest ok = No
nt acl support = yes
2: Cygcheck output.
===================
[dan@ironside j] $ cygcheck.exe -s
Cygwin Configuration Diagnostics
Current System Time: Fri Aug 13 11:17:36 2004
Windows XP Professional Ver 5.1 Build 2600 Service Pack 1
Path: .\
\\gawain\dan\bin\noarch
C:\cygwin\usr\local\bin
C:\cygwin\sbin
C:\cygwin\usr\sbin
C:\cygwin\usr\local\bin
C:\cygwin\bin
C:\cygwin\bin
C:\cygwin\usr\X11R6\bin
c:\WINDOWS\system32
c:\WINDOWS
c:\WINDOWS\System32\Wbem
"C
C:\cygwin\Program Files\Symantec\Norton Ghost 2003\"
C:\cygwin\opt\jdk\bin
\\gawain\dan\bin\win32.i386
Output from C:\cygwin\bin\id.exe (nontsec)
UID: 13000(dan) GID: 13001(dan)
13001(dan)
Output from C:\cygwin\bin\id.exe (ntsec)
UID: 13000(dan) GID: 13001(dan)
0(root) 544(Administrators)
547(Power Users) 545(Users)
12000(Power Users) 10512(Domain Admins)Use `-r' to scan registry
a: fd N/A N/A
c: hd NTFS 49999Mb 10% CP CS UN PA FC
d: hd NTFS 26317Mb 7% CP CS UN PA FC Drive D
e: cd CDFS 514Mb 100% CS UN NEROEXPRESS55104
j: net NTFS 411144Mb 21% CP CS PA dan
k: net NTFS 411144Mb 21% CP CS PA share
m: net NTFS 411144Mb 21% CP CS PA music
C:\cygwin / system binmode
C:\cygwin/bin /usr/bin system binmode
C:\cygwin/lib /usr/lib system binmode
. /cygdrive system binmode,cygdrive
Found: C:\cygwin\bin\awk.exe
Found: C:\cygwin\bin\bash.exe
Found: C:\cygwin\bin\cat.exe
Found: C:\cygwin\bin\cp.exe
Found: C:\cygwin\bin\cpp.exe
Found: C:\cygwin\bin\find.exe
Found: C:\cygwin\bin\gcc.exe
Not Found: gdb
Found: C:\cygwin\bin\grep.exe
Found: C:\cygwin\bin\ld.exe
Found: C:\cygwin\bin\ls.exe
Found: C:\cygwin\bin\make.exe
Found: C:\cygwin\bin\mv.exe
Found: C:\cygwin\bin\rm.exe
Found: C:\cygwin\bin\sed.exe
Found: C:\cygwin\bin\sh.exe
Found: C:\cygwin\bin\tar.exe
61k 2003/08/09 C:\cygwin\bin\cygbz2-1.dll
529k 2004/06/27 C:\cygwin\bin\cygcppunit-1-9-14.dll
7k 2003/10/19 C:\cygwin\bin\cygcrypt-0.dll
841k 2004/03/17 C:\cygwin\bin\cygcrypto-0.9.7.dll
831k 2003/09/20 C:\cygwin\bin\cygdb-4.1.dll
895k 2004/04/28 C:\cygwin\bin\cygdb-4.2.dll
1080k 2003/09/20 C:\cygwin\bin\cygdb_cxx-4.1.dll
1156k 2004/04/28 C:\cygwin\bin\cygdb_cxx-4.2.dll
155k 2004/01/07 C:\cygwin\bin\cygexpat-0.dll
45k 2001/04/25 C:\cygwin\bin\cygform5.dll
35k 2002/01/09 C:\cygwin\bin\cygform6.dll
48k 2003/08/09 C:\cygwin\bin\cygform7.dll
28k 2003/07/20 C:\cygwin\bin\cyggdbm-3.dll
30k 2003/08/11 C:\cygwin\bin\cyggdbm-4.dll
19k 2003/03/22 C:\cygwin\bin\cyggdbm.dll
15k 2003/07/20 C:\cygwin\bin\cyggdbm_compat-3.dll
15k 2003/08/11 C:\cygwin\bin\cyggdbm_compat-4.dll
107k 2004/07/06 C:\cygwin\bin\cyggettextlib-0-14-1.dll
17k 2004/07/06 C:\cygwin\bin\cyggettextpo-0.dll
190k 2004/07/06 C:\cygwin\bin\cyggettextsrc-0-14-1.dll
17k 2001/06/28 C:\cygwin\bin\cyghistory4.dll
29k 2003/08/10 C:\cygwin\bin\cyghistory5.dll
991k 2004/07/06 C:\cygwin\bin\cygiconv-2.dll
22k 2001/12/13 C:\cygwin\bin\cygintl-1.dll
37k 2003/08/10 C:\cygwin\bin\cygintl-2.dll
54k 2004/07/06 C:\cygwin\bin\cygintl-3.dll
132k 2003/08/11 C:\cygwin\bin\cygjpeg-62.dll
119k 2002/02/09 C:\cygwin\bin\cygjpeg6b.dll
40k 2004/07/07 C:\cygwin\bin\cygltdl-3.dll
26k 2001/04/25 C:\cygwin\bin\cygmenu5.dll
20k 2002/01/09 C:\cygwin\bin\cygmenu6.dll
29k 2003/08/09 C:\cygwin\bin\cygmenu7.dll
15k 2003/11/20 C:\cygwin\bin\cygminires.dll
156k 2001/04/25 C:\cygwin\bin\cygncurses++5.dll
175k 2002/01/09 C:\cygwin\bin\cygncurses++6.dll
226k 2001/04/25 C:\cygwin\bin\cygncurses5.dll
202k 2002/01/09 C:\cygwin\bin\cygncurses6.dll
224k 2003/08/09 C:\cygwin\bin\cygncurses7.dll
15k 2001/04/25 C:\cygwin\bin\cygpanel5.dll
12k 2002/01/09 C:\cygwin\bin\cygpanel6.dll
19k 2003/08/09 C:\cygwin\bin\cygpanel7.dll
62k 2003/12/11 C:\cygwin\bin\cygpcre-0.dll
63k 2003/04/11 C:\cygwin\bin\cygpcre.dll
9k 2003/12/11 C:\cygwin\bin\cygpcreposix-0.dll
61k 2003/04/11 C:\cygwin\bin\cygpcreposix.dll
1049k 2003/11/07 C:\cygwin\bin\cygperl5_8_2.dll
173k 2003/08/10 C:\cygwin\bin\cygpng12.dll
22k 2002/06/09 C:\cygwin\bin\cygpopt-0.dll
108k 2001/06/28 C:\cygwin\bin\cygreadline4.dll
148k 2003/08/10 C:\cygwin\bin\cygreadline5.dll
171k 2004/03/17 C:\cygwin\bin\cygssl-0.9.7.dll
281k 2003/02/24 C:\cygwin\bin\cygtiff3.dll
282k 2003/08/11 C:\cygwin\bin\cygtiff4.dll
50k 2003/08/09 C:\cygwin\bin\cygXpm-noX4.dll
54k 2003/08/09 C:\cygwin\bin\cygXpm-X4.dll
61k 2003/12/04 C:\cygwin\bin\cygz.dll
1126k 2004/05/26 C:\cygwin\bin\cygwin1.dll
Cygwin DLL version info:
DLL version: 1.5.10
DLL epoch: 19
DLL bad signal mask: 19005
DLL old termios: 5
DLL malloc env: 28
API major: 0
API minor: 116
Shared data: 4
DLL identifier: cygwin1
Mount registry: 2
Cygnus registry name: Cygnus Solutions
Cygwin registry name: Cygwin
Program options name: Program Options
Cygwin mount registry name: mounts v2
Cygdrive flags: cygdrive flags
Cygdrive prefix: cygdrive prefix
Cygdrive default prefix:
Build date: Tue May 25 22:07:00 EDT 2004
CVS tag: cr-0x5e6
Shared id: cygwin1S4
10513(Domain Users) 13001(dan)
SysDir: C:\WINDOWS\System32
WinDir: C:\WINDOWS
CYGWIN = `smbntsec'
HOME = `j:\'
MAKE_MODE = `unix'
PWD = `/cygdrive/j'
USER = `dan'
--
=====================================================================
Dan Alderman Software Engineer
OneEighty Software Ltd. Phone: +44 20 8680 8712
Cygnet House Fax: +44 20 8680 8453
12-14 Sydenham Road
Croydon Email: d.alderman@180sw.com
CR9 2ET
UK
Under the Regulation of Investigatory Powers (RIP) Act 2000 together
with any and all Regulations in force pursuant to the Act One Eighty
Software Ltd reserves the right to monitor any or all incoming or
outgoing communications as provided for under the Act.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/