[Samba] Samba and Active directory groups

Tharanga Abeyseela (RGA) tharanga.abeyseela at rexelga.com.au
Wed Apr 28 23:42:52 MDT 2010

Hi list,

I have successfully authenticated active directory users with samba. Now I need to create some Active directory security groups and authenticate and redirect those users to a specific directory.
IT_GROUP -  user x , user y
FIN_group - user a, user b

If the user x , access the samba server, that user will be redirected to the specific directory (that's in the samba stanza).

This is my  smb.conf

workgroup = xxx
realm = xxx.COM
preferred master = no
server string = Samba file and print server
security = ADS
encrypt passwords = yes
password server = *
log level = 3
log file = /var/log/samba/%m
max log size = 50
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
auth methods = winbind
printcap name = cups
printing = cups

comment = Home Directories
path = /home/IT
browseable = no
writable = yes
inherit acls = yes
inherit permissions = yes
#valid users = @"ADGROUP+domain users"
valid users = @"ADGROUP+domain test_access1"
#create mode = 0664
#directory mode = 0775

comment = Home Directories
path = /home/IT
browseable = no
writable = yes
#valid users = @"ADGROUP+domain users"
directory mode = 0775
valid users = @"ADGROUP+domain test_access2"
write list = @"ADGROUP+domain test_access2"
read list = @"ADGROUP+domain test_access2"

If someone try to access the samba server (\\sambaserver<file:///\\sambaserver>)  it will  create "ADusername" directory on the server. (user Mary access the server it will create a directory named mary automatically ) I need to redirect them to a specific directory based on the Active directory group access .

Can someone help to me solve the issue.


More information about the samba mailing list