[Samba] Linux Mint 21.3 client AD joined OK but no usb working
Rowland Penny
rpenny at samba.org
Fri Mar 22 09:14:22 UTC 2024
On Thu, 21 Mar 2024 22:12:54 -0300
"Douglas G. Oechsler via samba" <samba at lists.samba.org> wrote:
> Hi Marco!
>
>
> Em qui., 21 de mar. de 2024 às 17:41, Marco Gaiarin via samba <
> samba at lists.samba.org> escreveu:
>
> > Mandi! Douglas G. Oechsler via samba
> > In chel di` si favelave...
> >
> > > Somebody get this problem or can help please?
> >
> > Probably the access to USB devices (and other things) are granted
> > via some local groups, so if you have AD/winbind users, they does
> > not have this group.
> >
> > For this, i use typically 'pam_group' module, with a simple config
> > like:
> >
> > *; *; *; Al0000-2400; plugdev,fuse,scanner,video,audio,cdrom,floppy
> >
> > Right, ok!
> But, where do you insert this config, please?
>
> For now I disable The Linux Machines on the Office because when I put
> them inside Samba AD, the machines sometimes logon on the AD and
> sometimes not or stay waiting 'find' or try to logon for a long time.
> When it did work fine, sometimes staying a long time to access file
> server AD. Maybe I need to study for a good way to insert Linux
> machines at the domain that works fine and well for users. Now I
> simply mapped the file server AD path for each user, and well, it's
> working. Today at the same place, I inserted a win10 machine at AD,
> and all works fine.
>
This now sounds like a different problem to the subject matter, if
Samba is set up correctly, then the computer should always be able to
logon without problem (provided the network is working).
Also the ' *; *; *; Al0000-2400;
plugdev,fuse,scanner,video,audio,cdrom,floppy' line suggested was from
a long time ago and was meant to be used with an NT4-style ldap domain
and not AD.
From rereading this thread, you are running Samba 4.18.0 on Linux Mint
21.3 , where did you get the Samba 4.18.0 packages from ? As far as I
can see, Linux Mint doesn't use 4.18.0
How have you set up Samba ?
If it is as an AD DC, then please post the output of 'samba-tool
testparm'
If it is as a Unix domain member, then please post the output of
'testparm -s'
Rowland
More information about the samba
mailing list