[Samba] AD issue....
Michael Fernández M.
michael at michael.cl
Mon Dec 3 14:36:00 GMT 2007
El lun, 03-12-2007 a las 18:43 +0530, Sadique Puthen escribió:
> Set "winbind use default domain = yes" in smb.conf if you want to change
> ownership of files to ad users using their actual name. If you don't set
> it, you should change the ownership using "domain+username" as the
> username which linux doesn't like much.
>
> If you want getent passwd/group to work please make sure that you have
> the below parameters in smb.conf though it has slight problems while
> maintaining large number of users.
>
> winbind enum users = yes
> winbind enum groups = yes
Yes, now is working, i can get the users an groups with getent passwd
Thanks!!!!
But i cannot set permissions to shares map via Windows, i have the
folowing configuration in SMB.conf:
drwxrwxrwx 3 administrator domain users 4096 2007-11-30 16:39 Domain
[domain]
comment = domain
browseable = yes
path = /home/Domain
public = yes
writable = yes
valid users = '@domain users' <<< This will work?
Michael.-
>
> This is not required if you are running "getent passwd <username>".
>
> --Sadique
>
> Michael Fernández M. wrote:
> > Hi, i want to integrate AD + Samba3 via kerberos, every works great i
> > get the users and groups with wbinfo -u and wbinfo -g
> > so in linux i cat set the permissions to a share using the AD's users.
> > However when i try "getent passwd" I only get the system users and not
> > the AD's users... in my nsswitch.conf i have:
> >
> > passwd: files winbind
> > group: files winbind
> > shadow: files
> > hosts: files dns winbind
> > networks: files
> >
> >
> > In the other hand on Windows when I try to set a permission to a share
> > using I cannot set them, because i got Permission denied.
> >
> > The following is my smb.conf:
> >
> > [global]
> > security = ADS
> > netbios name = andromaca
> > realm = domain.tld
> > encrypt passwords = yes
> > password server = x.x.x.x
> > workgroup = domain
> > idmap uid = 10000-20000
> > idmap gid = 10000-20000
> > ldap ssl = no
> > winbind separator = +
> > template homedir = /home/%D/%U
> > template shell = /bin/bash
> > client use spnego = yes
> >
> > [ol]
> > comment = ol
> > browseable = yes
> > path = /home/ol
> > public = yes
> > writable = yes
> >
> > [lala]
> > comment = lala
> > browseable = yes
> > path = /home/ol/lala
> > public = yes
> > writable = yes
> >
> > ------------------------------
> >
> > when i set the permissions on lala via linux to a specific AD user, and
> > then on Windows I map that share with that user so can got it and can
> > write, read, delete, etc....
> >
> > Anyone knows how can i do it in order to set the permissions via
> > Windows?
> >
> > Thanks !!!!
> >
> > Michael.-
> >
> >
> >
>
>
More information about the samba
mailing list