LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 02-20-2012, 06:57 PM   #1
rob,s
LQ Newbie
 
Registered: Feb 2012
Location: Ottawa Ontario
Distribution: CentOS 6.2
Posts: 4

Rep: Reputation: Disabled
Samba shares with AD - works with security groups but not with users


I'm currently running into an issue where I have configured Samba to integrate with my Active Directory. I'm able to grant users access to shares using security groups but so far have been unable to give individual users access to a share just by using their domain credentials.

Version of Samba: 3.5.10
Distro: Redhat Enterprise Server 6.1

Result from testparm: (comment in * * doesn't exist in config file)

[global]
workgroup = WORKGROUP
realm = DOMAIN.COM
server string = server1
security = ADS
client schannel = No
password server = Server2.domain.com server3.domain.com *domain controllers*
log level = 3 passdb:3 auth:3 winbind:3
log file = /var/log/samba/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
domain master = No
dns proxy = No
wins server = 10.1.1.207
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes


[share1]
comment = first share with users being specified
path = /home/share
valid users = WORKGROUP+user1
read only = No
create mask = 0666

[share2]
comment = 2nd share working with groups
path = /home/multimedia
read list = @WORKGROUP+group1
write list = @WORKGROUP+group2
read only = No
create mask = 0666

When I attempt to browse to share2 from my windows PC (and others on the network XP, server 2k3, and win 7 tested) I receive the error that I do not have permission to access this resource.

I'm able to execute the following commands with the expected output
wbinfo -u, wbinfo -g, wbinfo -n username, getent passwd.

I'm not entirely sure what other information would be useful to help diagnose this issue. I'm not sure what other information would be useful but I am happy to provide any addition information.

Thanks,

--Rob
 
Old 02-21-2012, 01:02 PM   #2
ac_kumar
Member
 
Registered: Aug 2011
Distribution: Ubuntu, Fedora
Posts: 175

Rep: Reputation: 9
http://wiki.samba.org/index.php/Samb...tive_Directory
may help
 
Old 02-21-2012, 01:08 PM   #3
Felipe
Member
 
Registered: Oct 2006
Posts: 300

Rep: Reputation: 32
Hello:

Please, read this thread:

http://www.linuxquestions.org/questi...5/#post4603725

If you put "winbind use default domain = Yes", you don't need to put
Quote:
DOMAIN+user
@DOMAIN+group
for users and domains of the same domain is joined the computer. It's enought with
Quote:
user
domain
 
Old 02-23-2012, 09:59 AM   #4
rob,s
LQ Newbie
 
Registered: Feb 2012
Location: Ottawa Ontario
Distribution: CentOS 6.2
Posts: 4

Original Poster
Rep: Reputation: Disabled
Sorry for the delay in replying to these replies but I started with the Samba Wiki, and have checked out the thread that was linked with no luck so far. The reason that I put the DOMAIN+ and @DOMAIN+ is because I'm working with a windows sys admin who is just learning about Linux and I wanted to make it very clear for him that those users and groups are in AD and not the local box.
 
Old 02-23-2012, 10:25 AM   #5
rob,s
LQ Newbie
 
Registered: Feb 2012
Location: Ottawa Ontario
Distribution: CentOS 6.2
Posts: 4

Original Poster
Rep: Reputation: Disabled
[Solved] Samba shares with AD - works with security groups but not with users

Just tracked down the issue to an acl problem instead of the samba issue I had thought it was. When I changed the default mask the shares became accessible to the users it was supposed to be accessible to. Thanks for the replies and the info, have bookmarked those sites!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] samba : how to synchronize AD users & groups with Samba users &groups zelycorn Red Hat 5 05-12-2011 09:15 AM
samba shares and the notion of group of groups nass Linux - Server 4 03-12-2011 04:50 AM
samba security/winbind/ windows groups Deviathan Linux - Security 1 08-07-2009 06:17 AM
Samba Users and groups with different access? logonuser Linux - Server 2 09-07-2008 07:38 AM
SAMBA....mapping users and groups TheTrexx Linux - Networking 0 01-20-2003 01:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration