share for groups on samba 3 - ADS doesn't work
Hello everybody,
I have a Samba 3.0.7-Debian setup and joined an ADS-domain. I want to share a directory, but only an explicitly set "valid user" can access the share. It should be accessible to "sambausers", but that doesn't work.
I can also logon as ADS-user on the samba box and get a shell.
In smb.conf:
[p]
comment = Documents
path = /home/samba/p
read only = No
valid users = @"ADSDOMAIN\sambausers" (dsesn't work)
# valid users = @"ADSDOMAIN\SambaUsers" (doesn't work either)
# valid users = ADSDOMAIN+username (this works)
create mask = 0750
browsable = Yes
I the log file /var/log/samba/log.xpclient I always get:
user 'ADSDOMAIN+username' (from session setup) not permitted to access this share (p)
[2004/11/06 01:17:29, 3] smbd/error.c:error_packet(129)
error packet at smbd/reply.c(416) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED
output of "net groupmap list" related to "sambausers":
SambaUsers (S-1-5-21-788693271-928550680-3704065133-21065) -> sambausers
What ist still missing?
Thank you in advance.
ceixxx
|