[Samba] Multiple samba servers with AD integration

Dennis Zheleznyak dennis at eshkol.com.co
Tue Dec 2 06:36:35 MST 2014 

Hi all,

I have a CentOS 6.6 machine with samba 3.6.23-12 that is joined to a
Windows active directory domain.

My goal is to configure multiple samba servers on the CentOS machine that
will authenticate using domain controller of the active directory.

DC = 1.1.1.1
CentOS 6.6 = 1.1.1.2

This is my smb.conf:
[global]
        netbios aliases = development sales
        include = /etc/samba/smb.conf.%L
workgroup = TEST
server string = Samba Server Version %v
security = ads
realm = TEST.COM
domain master = no
local master = no
preferred master = no
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072
SO_SNDBUF=131072
        use sendfile = true

idmap config * : backend = tdb
idmap config * : range = 100000-299999
idmap config TEST : backend = rid
idmap config TEST : range = 10000-99999
 winbind separator = +
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind nested groups = yes
winbind refresh tickets = yes
template homedir = /home/%D/%U
template shell = /bin/bash
 client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
 log file = /var/log/samba/log.%m
max log size = 50

I've created additional two smb.conf.development and smb.conf.sales files
with the same content except the two first lines and added a share
definition(changed the names of the share and path) to both accordingly:

[XYZXYZYXYZX]
comment = Test share
path = /samba/XYZXYZYXYZX
read only = no
valid users = @"TEST+Domain Users"
force group = "Domain Users"
directory mode = 0770
force directory mode = 0770
create mode = 0660
force create mode = 0660
# Hide share from users who don't have access
access based share enum = yes
# Hide files/directories if user doesn't have read access
hide unreadable = yes

However, when I try access the server using Windows :
\\sales
I cannot get passed the authentication windows.. Tried both local and
active directory users and nothing works. It only works if I configure the
share on the main smb.conf.

Please help :)

Thank you,
Dennis.

More information about the samba mailing list