Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 10-31-2011, 06:46 PM   #1
LQ Newbie
Registered: Jun 2011
Posts: 14

Rep: Reputation: Disabled
Exclamation Samba + AD Permission Problem

Hello Friends

i got samba + winbind integrated with my AD 2k3 and i`m able to view AD users using wbinfo -u
i`ve setup my samba server to auto-create home directories for my AD users when ever they access my linux server

MY PROBLEM is that when a user try to access his home Directory on the linux box he gets an authentication window, even after entering his Credentials the system dosen`t allow him to access the Directory, although i know its a permission issue , i cant figure out what is missing in my smb.conf file

i tried to create the user home directory manually and gave it a permission for the AD-User Account, but al in vain !

i`ve had a look on this wiki but i got lost comparing it to my configuration .

here is a closer look at my smb.conf ...

# Samba config file created using SWAT
# from UNKNOWN (
# Date: 2011/10/31 22:27:19

	workgroup = MYDOMAIN
	realm = MYDOMAIN
	server string = Samba Server Version %v
	security = ADS
	log file = /var/log/samba/log.%m
	max log size = 50
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	cups options = raw

	comment = Home Directories
	read only = No
	browseable = yes
        writable = yes

	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No
i would be very thankful guys if u can help me with this

Saed ...
Old 11-01-2011, 01:46 AM   #2
Registered: Jan 2007
Location: Alberta Canada
Distribution: Fedora/Redhat/CentOS
Posts: 70

Rep: Reputation: 19
Have you joined your Linux system to the domain?
Just like a Windows system, the Linux system must be joined to the domain, which really means the a Domain SID is issued to the system so it can be identified as a domain member.
As root, run:

net ads join -U administrator

Answer the password prompt, and the system will attempt join the domain (ie be issued a SID by a Domain controller), and, start/restart winbindd.
As with Windows, a Domain administrator's user name/password must be used to join.
Until this is done, the Windows Domain controller(s) will not trust the Samba server, and prompt users for passwords.
Old 11-01-2011, 02:42 AM   #3
LQ Newbie
Registered: Jun 2011
Posts: 14

Original Poster
Rep: Reputation: Disabled
hi anotherlinuxuser,

thanks for replyin` , yes my linux server is joined to my AD 2K3 , i`ve did that at the beginning of samba/Kerberos configuration .

any ideas ??
Old 11-01-2011, 03:37 AM   #4
Senior Member
Registered: Apr 2010
Posts: 1,843

Rep: Reputation: 337Reputation: 337Reputation: 337Reputation: 337
have you tried smbpasswd,like: smbpasswd -a my_new_user1

this will add a new user (my_new_user1) to the samba user database.

let us know if it helps
Old 11-01-2011, 01:53 PM   #5
LQ Newbie
Registered: Jun 2011
Posts: 14

Original Poster
Rep: Reputation: Disabled
hi JJJCR ,

but i`m not planning to use Samba DB to store users & passwords on the Samba Server, i already have an Active Directory,
i just want to be able to assign the right permissions for users in my Active Directory via samba shares.

thank you my friend i appreciate your help ...
Old 11-01-2011, 02:24 PM   #6
LQ Newbie
Registered: Jul 2011
Location: USA
Distribution: RHEL 6.5
Posts: 28

Rep: Reputation: 2
What is your linux distro?
Old 11-02-2011, 02:38 AM   #7
Senior Member
Registered: Apr 2010
Posts: 1,843

Rep: Reputation: 337Reputation: 337Reputation: 337Reputation: 337
had found this config below from this link:

try adding domain logons on your smb.conf file.

Example 4.1. smb.conf for being a PDC

passdb backend = tdbsam
os level = 33
preferred master = auto
domain master = yes
local master = yes
security = user
domain logons = yes
logon path = \\%N\profiles\%U
logon drive = H:
logon home = \\homeserver\%U\winprofile
logon script = logon.cmd
path = /var/lib/samba/netlogon
read only = yes
path = /var/lib/samba/profiles
read only = no
create mask = 0600
directory mask = 0700


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba permission problem onsorg Linux - Server 2 04-05-2011 04:07 AM
Samba permission problem (probably) pingu Linux - Software 3 01-26-2010 02:23 AM
Samba permission problem bic Linux - Server 3 07-13-2009 10:19 AM
Samba pdc permission problem brecht Linux - Server 1 04-09-2008 07:29 AM
Printer Permission problem with samba techrolla Linux - Software 5 05-26-2004 06:20 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:17 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration