[Samba] Issue creating share on Windows domain-joined Debian 12 Server

Luis Peromarta lperoma at icloud.com
Tue Oct 17 22:17:16 UTC 2023 

You can also try

http://samba.bigbird.es/doku.php?id=samba:file-server

This should address most of your problems.

Regards.
On 17 Oct 2023 at 19:35 +0200, Joel R Smith via samba <samba at lists.samba.org>, wrote:
> Environment:
> New install of Debian 12 (Physical Server)
> Latest Samba via apt (4.17.12)
>
> So I am most of the way there getting this to work. I have successfully
> joined the Debian server to our windows domain. I have created a "Unix
> Admins" windows security group with the "SeDiskOperatorPrivilege" enabled.
> The file share exists although I am not yet able to open it. The problem I
> am having is when attempting to manage the share by connecting to the Linux
> server in Windows using Computer Management > Shared Folders > Shares >
> "Share Name" > Properties. In the properties of the share when I go to the
> "Security" tab, the following message appears: "You must have read
> permissions to view the properties of this object". I am unable to take
> ownership through the interface.
>
> Some strange behavior I also noticed that may be related: When I attempt to
> map the domain account I am using to the local root account (user.map:
> !root = NETWORK\Admin) I am unable to connect to the Debian server using
> computer management. It immediately gives an error and the Computer
> Management MMC opens up blank. Immediately after commenting out the
> user.map line and running smbcontrol all reload-config I can again connect
> to the server with Computer Management.
>
> Here are the guides I have been referencing:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
>
>
> contents of smb.conf:
>
> workgroup = network
> password server = dc.network.domain.ca
> realm = NETWORK.DOMAIN.CA
> security = ads
> idmap config * : range = 16777216-33554431
> template homedir = /home/%D/%U
> template shell = /bin/bash
> winbind use default domain = true
> winbind offline logon = false
> min protocol = SMB3
> passdb backend = smbpasswd
> vfs objects = acl_xattr
> map acl inherit = yes
> username map = /etc/samba/user.map
>
> [storage]
> path = /Backup/Backuptest
> comment = Backup Share
> read only = no
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list