[Samba] Samba sharing authentication
Chris Culpepper
Chris.Culpepper at mountainone.com
Tue Aug 9 09:58:22 MDT 2011
I have a samba share at /share. I am trying to get it to authenticate it to a single user for right now. It is attached to the domain, and wbinfo -a\-u\-g all succeed. a login command with a domain user only works after a sucessful wbinfo -a "DOMAIN\user%password". This user is then able to authenticate using the "login" command. As of right now whenever I go to this machine from windows, it asks for a username and password just to get into the server, not the share. When going to the share as in \\ip.address\share<file:///\\ip.address\share>, it still goes to a password prompt. My configuration is as follows:
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
server string = File server
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
password server = DC. DOMAIN.LOCAL
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = No
winbind refresh tickets = Yes
idmap config DOMAIN : range = 10000-20000
idmap config DOMAIN : backend = rid
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[share]
path = /share
valid users = DOMAIN2+chris.culpepper, DOMAIN+test, DOMAIN2\\chris.culpepper
read only = No
[test]
path = /home
read only = No
guest ok = Yes
I am pretty sure it is something obvious that I missed, but any assistance would be greatly appriciated!
Under no circumstances should non-public personal information (NPPI) be transmitted via unsecured e-mail. For your protection do not include account numbers, social security numbers, passwords or any other NPPI in email messages sent to MountainOne Financial Partners or its affiliates. Under no circumstances will we ever make a request of NPPI or financial information via unsecured e-mail. The information in this e-mail message is legally privileged and confidential and is intended only for the use of the addressee(s) named above. If you are not the intended recipient, you are hereby notified that you are not authorized to use, distribute, or copy this e-mail or its attachments. If you have received this e-mail in error, please notify the sender as soon as possible. In addition, please delete the erroneously received message from any device and/or media where the message is stored.
More information about the samba
mailing list