Hello everyone,
I have a small problem. I have a CentOS 5 server authenticating against an AD 2003, and I can log on with the users that belong to a specific group, as PAM allows that through configuration.
I managed to restrict SSH as well and it works like a charm; as a matter of fact, I have several webapps with Basic Auth against winbind and the AD box.
Now I want to do something really simple, to get network shares for specific groups or individuals, and I'm having issues.
Here is the smb.conf:
Code:
[global]
workgroup = DPP
realm = DPP.COM
preferred master = no
server string = DPP test server
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
password server = *
log level = 1
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins lmshosts bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 1
local master = no
domain master = no
wins server = 192.168.15.5
allow trusted domains = no
idmap backend = rid:DPP=1000-11000
idmap uid = 1000-11000
idmap gid = 1000-11000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%U
winbind separator = |
winbind use default domain = Yes
winbind cache time = 10
use kerberos keytab = Yes
[MNGMT]
comment = Management common docs
path = /storage/mngmt
guest ok = no
read only = yes
browsable = no
write list = @dpp_mngt
Here is the detail of the folder in question:
Code:
drwxrwxr-x 5 root dpp_mngt 4096 Nov 3 15:42 storage
drwxrwxr-x 2 root dpp_mngt 4096 Nov 4 14:16 mngmt
I can authenticate against Samba with an AD user that belongs to dpp_mgmt, but I cannot write to the share and it is driving me bananas. Any help will be more than appreciated.
It is not a time issue; I have it syncing up with NTP.