I have strange permission issues with samba and AD.
When I try to write to my samba directory from XP, it says: access denied.
The directory /mkt/ has 775 permission and is owned by user mkt and group mkt (I added the group and user on linux). In /etc/group I have added the active directory user to the mkt group. If I change the permission to 777, I can write/ delete from XP without any issues.
Also, the file I create from XP is owned by the AD user
but with a different group called "domain users" - this is my gid on my AD account. My question is why samba is getting gid from AD and not from unix and what's the best way to fix this issue? - from unix or from Windows end? and how?
I can see the shares using smbclient -L server -U <AD_USER_NAME>
Here is my smb.conf. Thanks.
Code:
[global]
workgroup = AD
security = ADS
realm = AD.COMPANY.COM
encrypt passwords = yes
preferred master = no
log level = 3
auth methods = winbind
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
idmap uid = 100000-200000
idmap gid = 100000-200000
netbios name = test
password server = 192.168.25.25
template homedir = /home/%D/%U
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
[mkt]
path = /mkt/
comment = mkt Data Share
directory mask = 0770
create mask = 0777
read only = no
available = yes
browseable = yes
writable = yes
guest ok = no
public = no
printable = no
share modes = no
locking = no
Thanks for any help.
