[Samba] how to join to AD ? -Annoyed
mistofeles
ptmusta at utu.fi
Thu Dec 17 08:23:41 MST 2009
Robert LeBlanc wrote:
>
> You seem to be having a lot more trouble with this than it should be.
>
Yes, I know, I'm stupid ;)
And after reading hundreds of pages of Samba documentation I still feel
stupid.
- I didn't find line 'password server = KDC' in your smb.conf. I tought it
must be there.
Login/access is OK. Here my troubles begin.
Robert LeBlanc wrote:
>
> As far as file security, Samba will honor Linux's file permissions
> including ACLs.
>
It seems that I do not understand the system Samba handles the permissions.
It seems that in terminal Linux 'User' permissions (rwx------) are used but
in Samba the access is determined with 'World' (------rwx), if group is nol
valid AD group. Or it is determine by 'Group' (---rwx---), if the group is
valid 'domain users'.
After reading your message twice I made some tuning and found that this line
in [homes] made the permissions work:
path = /home/%U
Note %U. With %S it left users directories wide open RW if d---rwx---
My conf's are still mostly as I have laid them.
Now there is some funny behaviour. If I query \\myserver\somebody (somebody
is a member of AD) on the WinXP MyComputer address line, I get my own
directory \\myserver\myself in window.
This doesn't matter, it happends in my old samba 2 server too.
Another funny thing is that in Win there is both: 'homes' and 'myself' and
they both are connected to 'homes'.
After all this hacking my smb.conf is full of carbage, but it works. I will
collect my conf's to my WWW page ASAP.
--
View this message in context: http://old.nabble.com/how-to-join-to-AD---tp26513594p26829652.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list