[Samba] Allow access to a share for only one machine account

Danny Fedor lubomirf.vav at gmail.com
Sun Apr 20 14:14:08 MDT 2014


I have two domain controllers running ubuntu (12.04 and 13.10) both with
samba (4.1.6 and 4.1.7) installed and running (and with sssd on both
machines to retrieve uid/gid from AD). I wish to set a share on ubuntu2 in
the way so it could be accessible only from ubuntu1 (and by any user from
ubuntu1, for instance by local root).

I have found this solution though I'm not sure it solves my issue:
http://community.centrify.com/t5/Centrify-enabled-Samba/How-to-allow-Windows-machine-accounts-to-connect-to-a-share-as/td-p/11834

Anyway, it does not work -- klist doesn't return any ticket for the machine
account on either ubuntu1 or ubuntu2 (yet both machines are listed in AD in
the group "Domain Computers") if I'm logged as a local user (if I log in as
a domain user, than klist correctly shows a ticket for my user account, but
still none for the machine).

Is there any other, better way to set this up?



--
View this message in context: http://samba.2283325.n4.nabble.com/Allow-access-to-a-share-for-only-one-machine-account-tp4664550.html
Sent from the Samba - General mailing list archive at Nabble.com.


More information about the samba mailing list