[Samba] not working : valid users = @"DOM+USER"
spaceboy at spaceboy.co.uk
Mon Jun 7 14:47:40 GMT 2004
I've just done this here on Solaris 8.
I have found slightly odd behaviour in that wbinfo -u and wbinfo -g only
return the actual usernames and groups rather than "DOMAIN+Username" and
So in my smb.conf file I needed:-
valid users = @Groupname
without the DOMAIN+ part.
And yes I've set winbind seperator = + as well.
Just a thought.
Charles Bueche wrote:
>I have Samba 3.0.4 on Solaris 9, recent patches applied. Samba is
>integrated in domain (security = domain). I have compiled and
>configured winbind, but not pam and no ldap. Ncsd is stopped.
>Winbind works OK, I can connect to share and users get mapped on-the-fly
>to UNIX uids and gids in the ranges specified in smb.conf. My config is
>included below with some tweaks to protect the innocent.
>My goal : I want to create a share and restrict its access based on the
>membership of a Windows group.
>I have successfuly used :
> valid users = DOM+user1 DOM+user2 DOM+user3
>but when I try :
> valid users = @DOM+wingroup
> valid users = +DOM+wingroup
>It refuses me access to the share, even if I'm member of the Windows
>What do I do wrong ? How should I write the groupnames ? Help wanted...
More information about the samba