[Samba] Samba server joining domain and browsing group shares
Alex de Vaal
samba.alex at gmail.com
Thu Feb 28 07:39:49 GMT 2008
Hello,
Want you want is rather easy, I have it running.
My Samba server (on Red Hat) is Domain member of a W2k3 native AD, so it is
joined to the domain (net ads join -Uusername%password)
This is how my smb.conf looks like:
# Global Parameters Needed For Samba 3.0.27a
[global]
workgroup = TEST
realm = TEST.COM
server string = %h server (Samba %v)
security = ADS
password server = adm04.test.com, adm01.test.com
log file = /var/log/samba/%m.log
max log size = 200
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap cache time = 660
domain master = No
ldap timeout = 15
idmap uid = 10000-30000
idmap gid = 10000-30000
template homedir = /data/hom/%U
template shell = /bin/bash
winbind cache time = 660
printer admin = "@TEST.COM\Domain Admins", @TEST.COM\DEP_ADMIN
oplocks = No
level2 oplocks = No
default devmode = No
enable privileges = Yes
host msdfs = No
msdfs root = No
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = No
printing = cups
strict locking = Yes
[homes]
comment = Home Directories
read only = No
create mask = 0600
directory mask = 0700
browseable = No
[grp]
comment = Group Directory
path = /data/grp
valid users = @TEST.COM\DEP_TEST_MEMBER
read only = No
inherit permissions = Yes
hide unreadable = Yes
On the server you have to use the chown command and chmod command to give
the AD group DEP_TEST_MEMBER access on the Linux filesystem:
chmod g+s /data/grp
chown 0:"TEST\DEP_TEST_MEMBER" /data/grp
I have 200+ sites running like this... ;-)
Regards,
Alex.
More information about the samba
mailing list