[Samba] File Server member DC ACL permissions
Ricardo Pardim Claus
ricardo.claus at yahoo.com.br
Thu Aug 11 19:51:07 UTC 2016
Follow the answers:
> Yes wbinfo shows the user but does 'getent passwd iuser' show anything ?
# wbinfo -i iuser
iuser:*:4294967295:4294967295:iuser:/home/DOMAIN/iuser:/bin/false
# getent passwd iuser
iuser:*:4294967295:4294967295:iuser:/home/DOMAIN/iuser:/bin/false
# id iuser
id: iuser: no such user
smb.conf file server:
# Global parameters
[global]
netbios name = SRV16
server string = Samba4 Server
security = ADS
encrypt passwords = yes
realm = domain.local
workgroup = DOMAIN
log file = /var/log/samba/%m.log
log level = 1
#
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = Yes
winbind nss info = RFC2307
#idmap_ldb: Use
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
# Idmap config for domain DOMAIN
idmap config DOMAIN: backend = ad
idmap config DOMAIN: schema_mode = RFC2307
idmap config DOMAIN: range = 10000-99999
idmap config * : backend = tdb
idmap config * : range = 2000-9999
[data]
comment = Folder data
path = /mnt/dados
read only = No
browseable = yes
inherit acls = Yes
inherit permissions = Yes
guest account = guest
guest ok=yes
writeable = Yes
Another issue that I'm doubt, is with respect to services related to Samba. The services that need to be running: smbd, nmbd and winbindd?
I need to run the Samba 4 script, as explained in this link?
https://wiki.samba.org/index.php/Samba4/InitScript
More information about the samba
mailing list