[Samba] Permissions Problem using ADS

Allen Miller allen.miller at lymanrichey.com
Mon May 3 16:08:13 GMT 2004

I am running Samba 3.0.3 on a Red Hat Linux 9 server (Intel based).  I am
using the procedures outlined in a document found at
http://de.samba.org/samba/docs/man/unixclients.html.  My Samba server is to
be a Member Server in a W2K Active Directory (AD) domain.  The procedures
for this begin on page 13.  I perform all steps outlined and get similar
results.  On the Samba server, I created a folder called /shares/test and,
using SWAT, shared it with the share name of admin.  Below is a copy of my
smb.conf file:

# Samba config file created using SWAT
# from (
# Date: 2004/05/03 10:26:12

# Global parameters
        unix charset = LOCALE
        workgroup = CALRCO
        realm = LRCO.LRC
        netbios name = SAMBA
        security = ADS
        password server =
        username map = /etc/samba/smbusers
        log level = 1
        syslog = 0
        log file = /var/log/samba/%m
        max log size = 50
        wins server =,
        ldap ssl = no
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template primary group =
        template shell = /bin/bash
        path = /shares/admin

        comment = SMB Print Spool
        path = /var/spool/samba
        guest ok = Yes
        printable = Yes
        browseable = No

        comment = Printer Drivers
        path = /var/lib/samba/drivers
        admin users = root, Administrator
        write list = root

        comment = Lyman Richey Corporation
        path = /shares/test
        valid users = '@CALRCO\Domain Admins', @admin
        write list = '@CALRCO\Domain Admins', @admin
        read only = No
        create mask = 0777
        directory mask = 0777
        map acl inherit = Yes
        follow symlinks = No

I run Active Directory Users and Computers and can see the Samba server.  I
can right-click on it and click Manage.  When I go to manage the shares, I
get the following error:

	Microsoft Management Console
	The system encountered the following errors while reading the list of
	Error 5: Access is Denied.

When I browse for the share as admin from the domain controller or any other
domain member, I am prompted to login.

What am I doing wrong?


Allen Miller
Network Administrator
Lyman-Richey Corporation
mailto:allen.miller at lymanrichey.com

More information about the samba mailing list