LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-31-2011, 05:46 PM   #1
Saed.Abdu
LQ Newbie
 
Registered: Jun 2011
Posts: 14

Rep: Reputation: Disabled
Exclamation Samba + AD Permission Problem


Hello Friends

i got samba + winbind integrated with my AD 2k3 and i`m able to view AD users using wbinfo -u
i`ve setup my samba server to auto-create home directories for my AD users when ever they access my linux server

MY PROBLEM is that when a user try to access his home Directory on the linux box he gets an authentication window, even after entering his Credentials the system dosen`t allow him to access the Directory, although i know its a permission issue , i cant figure out what is missing in my smb.conf file

i tried to create the user home directory manually and gave it a permission for the AD-User Account, but al in vain !

i`ve had a look on this wiki but i got lost comparing it to my configuration .


here is a closer look at my smb.conf ...

Code:
# Samba config file created using SWAT
# from UNKNOWN (0.0.0.0)
# Date: 2011/10/31 22:27:19

[global]
	workgroup = MYDOMAIN
	realm = MYDOMAIN
	server string = Samba Server Version %v
	security = ADS
	log file = /var/log/samba/log.%m
	max log size = 50
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	cups options = raw

[homes]
	comment = Home Directories
	read only = No
	browseable = yes
        writable = yes
       

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No
i would be very thankful guys if u can help me with this

Regards
Saed ...
 
Old 11-01-2011, 12:46 AM   #2
anotherlinuxuser
Member
 
Registered: Jan 2007
Location: Alberta Canada
Distribution: Fedora/Redhat/CentOS
Posts: 68

Rep: Reputation: 19
Have you joined your Linux system to the domain?
Just like a Windows system, the Linux system must be joined to the domain, which really means the a Domain SID is issued to the system so it can be identified as a domain member.
As root, run:

net ads join -U administrator

Answer the password prompt, and the system will attempt join the domain (ie be issued a SID by a Domain controller), and, start/restart winbindd.
As with Windows, a Domain administrator's user name/password must be used to join.
Until this is done, the Windows Domain controller(s) will not trust the Samba server, and prompt users for passwords.
 
Old 11-01-2011, 01:42 AM   #3
Saed.Abdu
LQ Newbie
 
Registered: Jun 2011
Posts: 14

Original Poster
Rep: Reputation: Disabled
hi anotherlinuxuser,

thanks for replyin` , yes my linux server is joined to my AD 2K3 , i`ve did that at the beginning of samba/Kerberos configuration .

any ideas ??
 
Old 11-01-2011, 02:37 AM   #4
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,295

Rep: Reputation: 222Reputation: 222Reputation: 222
have you tried smbpasswd,like: smbpasswd -a my_new_user1

this will add a new user (my_new_user1) to the samba user database.

let us know if it helps
 
Old 11-01-2011, 12:53 PM   #5
Saed.Abdu
LQ Newbie
 
Registered: Jun 2011
Posts: 14

Original Poster
Rep: Reputation: Disabled
hi JJJCR ,


but i`m not planning to use Samba DB to store users & passwords on the Samba Server, i already have an Active Directory,
i just want to be able to assign the right permissions for users in my Active Directory via samba shares.

thank you my friend i appreciate your help ...
 
Old 11-01-2011, 01:24 PM   #6
Passmossis
LQ Newbie
 
Registered: Jul 2011
Location: USA
Distribution: RHEL 6.5
Posts: 28

Rep: Reputation: 2
What is your linux distro?
 
Old 11-02-2011, 01:38 AM   #7
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,295

Rep: Reputation: 222Reputation: 222Reputation: 222
had found this config below from this link: http://www.samba.org/samba/docs/man/...samba-pdc.html

try adding domain logons on your smb.conf file.

Quote:
Example 4.1. smb.conf for being a PDC

[global]
passdb backend = tdbsam
os level = 33
preferred master = auto
domain master = yes
local master = yes
security = user
domain logons = yes
logon path = \\%N\profiles\%U
logon drive = H:
logon home = \\homeserver\%U\winprofile
logon script = logon.cmd
[netlogon]
path = /var/lib/samba/netlogon
read only = yes
[profiles]
path = /var/lib/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba permission problem onsorg Linux - Server 2 04-05-2011 03:07 AM
Samba permission problem (probably) pingu Linux - Software 3 01-26-2010 01:23 AM
Samba permission problem bic Linux - Server 3 07-13-2009 09:19 AM
Samba pdc permission problem brecht Linux - Server 1 04-09-2008 06:29 AM
Printer Permission problem with samba techrolla Linux - Software 5 05-26-2004 05:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration