[Samba] Various permission issues with SAMBA4+AD and windows clients

Jean-Francois Gratton grattojf at gmail.com
Tue Oct 23 10:10:47 MDT 2012


Hello, I'm having perms issues with my current setup which I can't
figure out exactly.

First, here's my setup :

- Fedora 16 (hostname = oslo) acting as a PDC on SAMBA4 with integrated AD
- Bind 9.8 properly configured on oslo
- Domain name = DEVNET
- linux users local to oslo, having their homes at the proper place
(/home/user1, /home/user2, etc)
- domain users properly created with smbpasswd: smbpasswd -a user1,
smbpasswd -a user2 . Those should be used for Windows machines joining
the domain
- 3 Windows machines (Win7, Win2K8R2, Win2K12) which join the DEVNET
domain correctly.
- domain users devnet\user1 and devnet\user2 are able to open the
windows share (as defined in smb.conf) properly for reading, not
writing.
- domain users should be able to map a share to the linux homes, ie
devnet\user1 should be able to net use z: \\oslo\user1 , but this does
not work :
   On the machine Win2K12 (the most problematic of the lot) I get
various errors, the most glaring one was that it tried to map [homes]
to /home/DEVNET\user1 (... why ?)
- as mentioned above, all other shares seem to be read-only while they
should be r/w
- on the fileserver, oslo, I have 3 mountpoints (for example), /mmedia
and /photos (owned by root:mmedia, chmod 770 both) and /storage
(root:shared, 770). It seems that domain users lack group membership,
somehow.

My questions thus :

=> why are the home shares not working properly?
=> what is the best/correct way to assign unix GIDs to domain members?
Basically I want the linux (local) homes to be reachable by the
domain members (please note that the domain members have their own
local-to-the-windows-machine-they're-on homes). Reaching the linux
homes as a share is just a convenient way for them to transfer files
across machines.

Am I clear enough, or am I rambling ? :-)

-- Jeff

