[Samba] Access to share is denied for groups on samba 3 - ADS

Kay Obermueller KObermueller at t-online.de
Sat Nov 6 14:04:36 GMT 2004

Hello everybody,
I have a Samba 3.0.7-Debian setup and joined an ADS-domain. I want to 
share a directory, but only an explicitly set "valid user" can access 
the share. It should be accessible to "sambausers", but that doesn't work.
I can also logon as ADS-user on the samba box and get a shell.

In smb.conf:

comment = Documents
path = /home/samba/p
read only = No
valid users = @"ADSDOMAIN\sambausers"
# valid users = @"LIHH\SambaUsers" (doesn't work either)
# valid users = ADSDOMAIN+username (this works)
create mask = 0750
browsable = Yes

I the log file /var/log/samba/log.xpclient I always get:

user 'ADSDOMAIN+username' (from session setup) not permitted to access 
this share (p)
[2004/11/06 01:17:29, 3] smbd/error.c:error_packet(129)
error packet at smbd/reply.c(416) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED

net groupmap list:
SambaUsers (S-1-5-21-788693271-928550680-3704065133-21065) -> sambausers

What ist still missing?
Thank you in advance.


More information about the samba mailing list