[Samba] Use Samba with ACL for read Active Directory and set Permissions via it.

Jason Long hack3rcon at yahoo.com
Fri Dec 26 23:44:12 MST 2014


Thank you so much.
No, I'm not. I joined my Linux machine to the Windows domain because of AD. I can define some users on my Linux machine and Windows clients use them to open the share and ... but my problem is that I have a lot of users and groups, and redefining all of them in Linux is a little silly :(. I joined my Linux machine to the Windows domain in order to use AD users and groups.

About your question:
"Where did you set up the password for 'jasondomain\jason'?  Again, if you
didn't set a password, more modern versions of Windows won't allow you to
login (or attach a share) remotely."

I must say that "jason" is defined in AD on the Windows OS and I use it to log in to Linux.


"You don't say what happens when you try to open 'test'.  You say it can't let you?  What error message does it give you?"
It doesn't show me any error and just shows the login window again :(.
 



On Friday, December 26, 2014 2:35 PM, Linda W <samba at tlinx.org> wrote:
Jason Long wrote:
> Hello Folks.
> How are you?
>
> I joined my CentOS machine to a Windows domain and I want to give permissions to files and directories via Active Directory. When I use "getent passwd" and "getent group", I can see all AD users and groups. I used the command below to give permission to a folder via ACL:
>
> setfacl -m g:"jasondomain\jason-rw":rwx /home/local/jasondomain/jason/test
>
> and I created a section in my "smb.conf" file:
>
> [Test]
> comment = test
> path = /home/local/jasondomain/jason/test
> browsable = yes
> inherit acls = yes
> inherit permissions = yes
> inherit owner = yes
> map acl inherit = yes
> acl check permissions = yes
> nt acl support = yes
> #valid users = %D\%S
> #write list = @jasondomain\domain^admins
> read only = no
>
>
> but when I browse the "Test" directory it asks me for a username and password, and when I enter "jasondomain\jason" as the username it can't let me open the "Test" directory. What is the problem?
>  
----
    Are you already logged into the server under different credentials,
like 'WORKGROUP', jason (i.e. do you already have some shares mounted?)

If I remember, Windows won't allow the same workstation to connect under
two different user IDs.  If you already have something mounted from your
workstation with different credentials, you need to close (unmount / unmap)
those other connections.

Where did you set up the password for 'jasondomain\jason'?  Again, if you
didn't set a password, more modern versions of Windows won't allow you to
login (or attach a share) remotely.

You don't say what happens when you try to open 'test'.  You say it can't let
you?  What error message does it give you?

