[Samba] Linux local user problem when security = ADS
Reginald0
regi0 at ig.com.br
Wed Jun 24 19:34:49 GMT 2009
Hi, folks!
I have two RHEL5 Linux machines, both successfuly joined to a Windows 2008
Server AD domain. I can see AD users, groups, checking trusts, etc.
My problem is that when I try to mount a share from one Linux machine to the
other using a local user, I receive the message "mount error 13 = Permission
denied".
If I add the user with same name/password to the Windows AD domain, then I
can mount the share, and this way I can read but can't write to the mounted
folder on the client side, unless I set "chmod 777" on the server side, but
this would open a security hole on my system.
Before join these two machines to a domain, I was using "security = share"
and "username map" option to map the server local user to the client remote
user, and it was working flawlessly.
Follows below the relevant configuration:
________________________________
"/etc/samba/smb.conf" on server:
[GLOBAL]
security = ADS
workgroup = DOMAINNAME
realm = DOMAINNAME
password server = DOMAINSERVERNAME
username map = /etc/samba/smbusers
winbind use default domain = yes
winbind uid = 10000-20000
winbind gid = 10000-20000
[SHARE]
path = /share
writable = yes
browseable = no
create mask = 0664
valid users = remoteusername
________________________________
"/etc/samba/smbusers" on server:
localusername = remoteusername
________________________________
"mount" command on client:
mount -t cifs //MACHINE1/SHARE /share -o user=remoteusername
________________________________
If you need some more information, please advise me.
Thanks in advance,
Reginald0
--
View this message in context: http://www.nabble.com/Linux-local-user-problem-when-security-%3D-ADS-tp24189729p24189729.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list