[Samba] Samba + AD + FreeBSD 7

Richard Fairbanks patchofwood at gmail.com
Wed Oct 8 17:29:45 GMT 2008


I have a problem that I'm trying to solve pretty quickly. Some background: I
am an IT admin (a rather green one, admittedly) in a small/medium business
(70 users total) running in a Windows environment -- Active Directory,
domain, etc. I have been tasked with building a "free file server" that will
be our primary file server. After some research, I chose FreeBSD. I
installed FreeBSD rather painlessly, everything is good with the install, all
the hardware works fine, etc.

I installed the samba3 (3.0.31) port using "make clean install" with ADS
support, KRB support, LDAP, ACL support, and the default options. Then, I
followed, to the letter, the Ch 10 instructions from Using Samba for Domain
Member Server (Security = ADS).

Now, here's where my question starts: I joined the domain without a hitch.
If I run wbinfo, I can see all the groups and users in Active Directory. If
I run getent, I can't see anything but the unix users and groups. With
smb.conf exactly as set up in the book, Windows users cannot map the samba
shares, but if I comment out the winbind enum users (and groups), they can
map the drives.

How do I verify that my ADS setup is functioning perfectly and without

However, when files are written to the shares, only the user that writes to
the shares can do anything but read. For example, I will copy something to
the "FILES" share. Then user X ("Everyone" in the Windows environment) only
has read permissions.

What I am trying to accomplish are shares that can be controlled by users
depending on their AD permissions. Also, I guess I need help with share
permissions so that the owner of the file in a share isn't the only one that
can read, write, execute. Basically, I need (in one instance) to be able to
create a share that is just file storage that anyone in the office can
modify, delete, copy, etc.

Any and all help is GREATLY appreciated.
