[Samba] Having problem with "valid users" in Active Directory/Samba environment
Bjoern Meier
bjoern.meier at googlemail.com
Sat Feb 13 10:41:38 MST 2010
hi,
2010/2/13 Eric Peterson <ericrpeterson at sbcglobal.net>:
> Dale,
>
> I was hoping that there was someone out there who:
> a) uses Samba integrated with Active Directory, and
we do
> b) successfully uses the Samba permissions to allow "domain admin" members
> access to the shares of "domain users" from XP workstations.
> To narrow the scope of the troubleshooting, I am looking for a known working
> smb.conf configuration that supports this.
> Then I can make sure my smb.conf uses a similar configuratation and, if the
> problem persists, focus my troubleshooting on other areas.
we also do. I though i've described the way we done this. Samba +Ext3
both a supporting ACLs.
Here some hints
- You can add access right for a specific folders with setfacl -R -m
u:domain/administrator:rwx <folders> AND setfacl -R -m
default:u:domain/administrator:rwx <folders>
- Then: Samba Creates home-directories like /home/DOMAIN/user we
create a share homesdir with path =/home/DOMAIN + valid user =
@DOMAIN/administrators (the user directories are for they personal
use)
- we also have a share /data/profiles in which Windows creates the
roaming profiles. You may guess we have this share read and writes for
all domain members.
- we tell windows (with the domain security policy) to add the
administrator with full access to all profiles
What more information do you need?
Greetings,
Björn
More information about the samba
mailing list