[Samba] Valid users question

Michael Andrewjeski mandrewjeski at zonelabs.com
Thu May 20 23:05:45 GMT 2004


I've a question about the syntax of the valid users option. Any help is
greatly appreciated!

Here is the Background:

samba 3.0.4 
Linux as Domain Member 
Active Directory, not in Native Mode
Compiler opions: --with-winbind --with-pam --with-smbmount 

The goal is to authenticate via the Windows Domain and allow access via
Windows groups.

The syntax in my smb.conf looks like this:

valid users = DOMAIN\SOMEGROUP

However, it doesn't work no matter what. 

I can authenticate individual users thusly:

valid users = DOMAIN\SOMEUSER

I've read about the "@" "+" and "&"  syntax, but they only seem to
represent Unix & Nis groups. 

Is there another way to represent Windows groups? Or is my config the
Here's the conf file:



# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = DOMAIN

# WINS service
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
wins server = XXX.XXX.XXX.XXX

password server = *

server string = SAMBA

log file = /var/log/samba/%m.log
max log size = 0
log level =  10

security = domain

auth methods = guest sam ntdomain

encrypt passwords = yes

local master = no

dns proxy = no

   comment = Some Share
   path = /d1/articles
   public = no
   writable = yes
   printable = no
   valid users = DOMAIN\SOMEGROUP

More information about the samba mailing list