[Samba] AD issue....
Aaron J. Zirbes
ajz at cccs.umn.edu
Mon Dec 3 15:14:13 GMT 2007
I believe you want @"domain users" not "@domain users" (notice the placement of @)
--
Aaron
Michael Fernández M. wrote:
> El lun, 03-12-2007 a las 18:43 +0530, Sadique Puthen escribió:
>> Set "winbind use default domain = yes" in smb.conf if you want to change
>> ownership of files to ad users using their actual name. If you don't set
>> it, you should change the ownership using "domain+username" as the
>> username which linux doesn't like much.
>>
>> If you want getent passwd/group to work please make sure that you have
>> the below parameters in smb.conf though it has slight problems while
>> maintaining large number of users.
>>
>> winbind enum users = yes
>> winbind enum groups = yes
>
> Yes, now is working, i can get the users an groups with getent passwd
>
> Thanks!!!!
>
> But i cannot set permissions to shares map via Windows, i have the
> folowing configuration in SMB.conf:
>
> drwxrwxrwx 3 administrator domain users 4096 2007-11-30 16:39 Domain
>
> [domain]
> comment = domain
> browseable = yes
> path = /home/Domain
> public = yes
> writable = yes
> valid users = '@domain users' <<< This will work?
>
>
> Michael.-
>
>
>
>> This is not required if you are running "getent passwd <username>".
>>
>> --Sadique
>>
>> Michael Fernández M. wrote:
>>> Hi, i want to integrate AD + Samba3 via kerberos, every works great i
>>> get the users and groups with wbinfo -u and wbinfo -g
>>> so in linux i cat set the permissions to a share using the AD's users.
>>> However when i try "getent passwd" I only get the system users and not
>>> the AD's users... in my nsswitch.conf i have:
>>>
>>> passwd: files winbind
>>> group: files winbind
>>> shadow: files
>>> hosts: files dns winbind
>>> networks: files
>>>
>>>
>>> In the other hand on Windows when I try to set a permission to a share
>>> using I cannot set them, because i got Permission denied.
>>>
>>> The following is my smb.conf:
>>>
>>> [global]
>>> security = ADS
>>> netbios name = andromaca
>>> realm = domain.tld
>>> encrypt passwords = yes
>>> password server = x.x.x.x
>>> workgroup = domain
>>> idmap uid = 10000-20000
>>> idmap gid = 10000-20000
>>> ldap ssl = no
>>> winbind separator = +
>>> template homedir = /home/%D/%U
>>> template shell = /bin/bash
>>> client use spnego = yes
>>>
>>> [ol]
>>> comment = ol
>>> browseable = yes
>>> path = /home/ol
>>> public = yes
>>> writable = yes
>>>
>>> [lala]
>>> comment = lala
>>> browseable = yes
>>> path = /home/ol/lala
>>> public = yes
>>> writable = yes
>>>
>>> ------------------------------
>>>
>>> when i set the permissions on lala via linux to a specific AD user, and
>>> then on Windows I map that share with that user so can got it and can
>>> write, read, delete, etc....
>>>
>>> Anyone knows how can i do it in order to set the permissions via
>>> Windows?
>>>
>>> Thanks !!!!
>>>
>>> Michael.-
>>>
>>>
>>>
>>
>
>
More information about the samba
mailing list