[Samba] Configuring Samba as a file server to use AD authentication

Rowland Penny rpenny at samba.org
Wed Aug 24 06:54:14 UTC 2016

On Tue, 23 Aug 2016 21:58:43 +0000
Kyle Manel via samba <samba at lists.samba.org> wrote:

> Hello,
> I am attempting to install Samba as a file server within an Active
> Directory domain to use the AD server for group authentication. I
> have worked through various guides, but all leave me unable to
> authenticate into the samba shares using my organizations existing
> user groups in Active Directory. I need the following configuration:
> Share - users : description
> Admin - Admin : This share is exclusive to its user group
> Media - media users : This share is exclusive to its user group and
> the Admin group Junk - all users : This share is accessible to
> everyone
> There are 3 different user groups that will be using this server,
> Admin, Media and Everyone.
> I have a Microsoft Active Directory Server (2012R2) operating as my
> AD server, and an Ubuntu server operating for Samba.
> I would like:
> users to be authenticated each access to the share,
> the process of adding/removing users to be done by the AD server.

Because you are using 2012R2 it will be a little harder, but it should
be do-able. See here:


Because of 2012R2 (no IDMU), you will need to use the winbind 'rid'


More information about the samba mailing list