[Samba] W2k8r2 and samba 3 integration

paul harford harfordmeister at gmail.com
Wed Dec 4 03:38:38 MST 2013

Hi Samba users
we have a samba 3 system we use as a NAS for a windows AD setup but we are
having serious issues with the ad integration.

has anyone any tips or trick for the AD windows 2008r2/ samba integration ?

we basically can't add groups or users to the share from the AD dc. we just
get access denied even if we make the domain admins and current user the
owner of the share. we have tried various configs and the below seems to
get us part of the way.

i would appreciate any suggestions for you guys :-)


        log file = /var/log/samba/log.%m

        winbind nss info = rfc2307

        load printers = yes

        idmap gid = 10000-30000

#       winbind trusted domains only = yes

        encrypt passwords = yes

        realm = "DOMAIN removed for security reasons"

#       winbind use default domain = yes

        passdb backend = tdbsam

        cups options = raw

        netbios name = sfnas02

        server string = Samba Server Version %v

        idmap uid = 10000-30000

        workgroup = "DOMAIN removed for security reasons"

        os level = 20

        security = ADS

        max log size = 50

        winbind enum users = yes

        winbind enum groups = yes

        winbind nested groups = Yes

        vfs objects = acl_xattr

        acl_xattr:ignore system acls = yes

        map acl inherit = Yes

        store dos attributes = Yes

        acl group control = Yes

        acl map full control = Yes

More information about the samba mailing list