[Samba] File Server member DC ACL permissions

Ricardo Pardim Claus ricardo.claus at yahoo.com.br
Thu Aug 11 19:51:07 UTC 2016

Follow the answers:

> Yes wbinfo shows the user but does 'getent passwd iuser' show anything ?

# wbinfo -i iuser 

# getent passwd iuser 

# id iuser 
id: iuser: no such user

smb.conf file server:

# Global parameters 
netbios name = SRV16 
server string = Samba4 Server 
security = ADS 
encrypt passwords = yes 
realm = domain.local 
workgroup = DOMAIN 
log file = /var/log/samba/%m.log 
log level = 1 
winbind enum users = yes 
winbind enum groups = yes 
winbind use default domain = Yes 
winbind nss info = RFC2307 
#idmap_ldb: Use 
vfs objects = acl_xattr 
map acl inherit = Yes 
store dos attributes = Yes 
# Idmap config for domain DOMAIN 
idmap config DOMAIN: backend = ad 
idmap config DOMAIN: schema_mode = RFC2307 
idmap config DOMAIN: range = 10000-99999 
idmap config * : backend = tdb 
idmap config * : range = 2000-9999 

comment = Folder data 
path = /mnt/dados 
read only = No 
browseable = yes 
inherit acls = Yes 
inherit permissions = Yes 
guest account = guest 
guest ok=yes 
writeable = Yes

Another issue that I'm doubt, is with respect to services related to Samba. The services that need to be running: smbd, nmbd and winbindd? 
I need to run the Samba 4 script, as explained in this link?


More information about the samba mailing list