[Samba] Samba 4 AD share: Access denied

Ryan Ashley ryana at reachtechfp.com
Thu Aug 14 15:00:10 MDT 2014

I have not tried running winbind in debug mode. I will try that this evening. I still intend to try PAM however. If I don't I cannot tell somebody it doesn't work. Won't hurt anyway.

Rowland, thank you. I already found that. I did some searching after my reply. I intend to use it once PAM is configured for winbind.

Sent from my Verizon Wireless 4G LTE smartphone

<div>-------- Original message --------</div><div>From: Sébastien Le Ray <sebastien-samba at orniz.org> </div><div>Date:2014/08/14  15:44  (GMT-05:00) </div><div>To: samba at lists.samba.org </div><div>Subject: Re: [Samba] Samba 4 AD share: Access denied </div><div>

There's no need to configure PAM to get a working setup

Do you have the rfc2307 stuff in your fileserver smb.conf and do all 
your groups have an assigned Unix GID? Did you try running winbindd in 
"debug" mode?


Le 2014-08-14 21:01, Ryan Ashley a écrit :
> Well, guess I will be configuring PAM! On a side note, I finally got
> my UNIX Attributes tab! I assigned all built-in groups ID's starting
> at 20001 and all built-in user accounts ID's starting at 10001.
> Assigned primary groups and all, and it went VERY smoothly. No change
> though. I still cannot access the shares as a normal user. Yes, I did
> reboot the file-server and chown the shares to the new ID's.
> Anyway, I will do the PAM configuration now. Just one question. How
> can I prevent login if I do the PAM configuration? Also, why did it
> work without PAM for weeks? On top of that, why do my other locations
> without any PAM configuration work fine and have worked fine for up to
> two years? Seems odd that this one location requires PAM.
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list