[Samba] not working : valid users = @"DOM+USER"
Spaceboy
spaceboy at spaceboy.co.uk
Mon Jun 7 14:47:40 GMT 2004
Charles,
I've just done this here on Solaris 8.
I have found slightly odd behaviour in that wbinfo -u and wbinfo -g only
return the actual usernames and groups rather than "DOMAIN+Username" and
"DOMAIN+Groupname".
So in my smb.conf file I needed:-
valid users = @Groupname
without the DOMAIN+ part.
And yes I've set winbind seperator = + as well.
Just a thought.
Steve
Charles Bueche wrote:
>Hi,
>
>I have Samba 3.0.4 on Solaris 9, recent patches applied. Samba is
>integrated in domain (security = domain). I have compiled and
>configured winbind, but not pam and no ldap. Ncsd is stopped.
>
>Winbind works OK, I can connect to share and users get mapped on-the-fly
>to UNIX uids and gids in the ranges specified in smb.conf. My config is
>included below with some tweaks to protect the innocent.
>
>---
>
>My goal : I want to create a share and restrict its access based on the
>membership of a Windows group.
>
>I have successfuly used :
>
> valid users = DOM+user1 DOM+user2 DOM+user3
>
>but when I try :
>
> valid users = @DOM+wingroup
>
>or :
>
> valid users = +DOM+wingroup
>
>It refuses me access to the share, even if I'm member of the Windows
>group.
>
>What do I do wrong ? How should I write the groupnames ? Help wanted...
>
>
>
>
>
More information about the samba
mailing list