[Samba] AD issue....
Michael Fernández M.
michael at michael.cl
Mon Dec 3 15:23:21 GMT 2007
El lun, 03-12-2007 a las 08:52 -0600, Aaron J. Zirbes escribió:
> I believe you want @"domain users" not "@domain users" (notice the placement of @)
>
yes, you believe the correct.... thanks
For example:
I share the directory: "eee" via samba.
smb.conf:
[eee]
comment = eee
browseable = y
path = /home/eee
public = yes
writable = yes
The diretory have the following permission:
drwxrwx--- 3 administrator g ingenieria 4096 2007-12-03 11:55 eee
I have the following question, it is posible to set the permission via
windows to a share?
I ask because when I map the share it works, i can create a directory on
it, but when see the properties of a share in order to check the
permissions i see:
Administrator (Unix user\Administrator)
g ingenieria (Unix group\g ingenieria)
And when i try to add an other user i got "access is denied"
I've attached and image of the permissions on windows...
Thanks for the time guys...
Michael.-
> --
> Aaron
>
> Michael Fernández M. wrote:
> > El lun, 03-12-2007 a las 18:43 +0530, Sadique Puthen escribió:
> >> Set "winbind use default domain = yes" in smb.conf if you want to change
> >> ownership of files to ad users using their actual name. If you don't set
> >> it, you should change the ownership using "domain+username" as the
> >> username which linux doesn't like much.
> >>
> >> If you want getent passwd/group to work please make sure that you have
> >> the below parameters in smb.conf though it has slight problems while
> >> maintaining large number of users.
> >>
> >> winbind enum users = yes
> >> winbind enum groups = yes
> >
> > Yes, now is working, i can get the users an groups with getent passwd
> >
> > Thanks!!!!
> >
> > But i cannot set permissions to shares map via Windows, i have the
> > folowing configuration in SMB.conf:
> >
> > drwxrwxrwx 3 administrator domain users 4096 2007-11-30 16:39 Domain
> >
> > [domain]
> > comment = domain
> > browseable = yes
> > path = /home/Domain
> > public = yes
> > writable = yes
> > valid users = '@domain users' <<< This will work?
> >
> >
> > Michael.-
> >
> >
> >
> >> This is not required if you are running "getent passwd <username>".
> >>
> >> --Sadique
> >>
> >> Michael Fernández M. wrote:
> >>> Hi, i want to integrate AD + Samba3 via kerberos, every works great i
> >>> get the users and groups with wbinfo -u and wbinfo -g
> >>> so in linux i cat set the permissions to a share using the AD's users..
> >>> However when i try "getent passwd" I only get the system users and not
> >>> the AD's users... in my nsswitch.conf i have:
> >>>
> >>> passwd: files winbind
> >>> group: files winbind
> >>> shadow: files
> >>> hosts: files dns winbind
> >>> networks: files
> >>>
> >>>
> >>> In the other hand on Windows when I try to set a permission to a share
> >>> using I cannot set them, because i got Permission denied.
> >>>
> >>> The following is my smb.conf:
> >>>
> >>> [global]
> >>> security = ADS
> >>> netbios name = andromaca
> >>> realm = domain.tld
> >>> encrypt passwords = yes
> >>> password server = x.x.x.x
> >>> workgroup = domain
> >>> idmap uid = 10000-20000
> >>> idmap gid = 10000-20000
> >>> ldap ssl = no
> >>> winbind separator = +
> >>> template homedir = /home/%D/%U
> >>> template shell = /bin/bash
> >>> client use spnego = yes
> >>>
> >>> [ol]
> >>> comment = ol
> >>> browseable = yes
> >>> path = /home/ol
> >>> public = yes
> >>> writable = yes
> >>>
> >>> [lala]
> >>> comment = lala
> >>> browseable = yes
> >>> path = /home/ol/lala
> >>> public = yes
> >>> writable = yes
> >>>
> >>> ------------------------------
> >>>
> >>> when i set the permissions on lala via linux to a specific AD user, and
> >>> then on Windows I map that share with that user so can got it and can
> >>> write, read, delete, etc....
> >>>
> >>> Anyone knows how can i do it in order to set the permissions via
> >>> Windows?
> >>>
> >>> Thanks !!!!
> >>>
> >>> Michael.-
> >>>
> >>>
> >>>
> >>
> >
> >
>
More information about the samba
mailing list