[Samba] Linux local user problem when security = ADS

Reginald0 regi0 at ig.com.br
Wed Jun 24 19:34:49 GMT 2009

Hi, folks!

I have two RHEL5 Linux machines, both successfuly joined to a Windows 2008
Server AD domain. I can see AD users, groups, checking trusts, etc.
My problem is that when I try to mount a share from one Linux machine to the
other using a local user, I receive the message "mount error 13 = Permission
If I add the user with same name/password to the Windows AD domain, then I
can mount the share, and this way I can read but can't write to the mounted
folder on the client side, unless I set "chmod 777" on the server side, but
this would open a security hole on my system.
Before join these two machines to a domain, I was using "security = share"
and "username map" option to map the server local user to the client remote
user, and it was working flawlessly.
Follows below the relevant configuration:


"/etc/samba/smb.conf" on server:

 security = ADS
 workgroup = DOMAINNAME
 password server = DOMAINSERVERNAME
 username map = /etc/samba/smbusers
 winbind use default domain = yes
 winbind uid = 10000-20000
 winbind gid = 10000-20000

 path = /share
 writable = yes
 browseable = no
 create mask = 0664
 valid users = remoteusername

"/etc/samba/smbusers" on server:

localusername = remoteusername

"mount" command on client:

mount -t cifs //MACHINE1/SHARE /share -o user=remoteusername

If you need some more information, please advise me.

Thanks in advance,


View this message in context: http://www.nabble.com/Linux-local-user-problem-when-security-%3D-ADS-tp24189729p24189729.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list