[Samba] CentOS 7 AD member having issues with AD groups
Jakov Sosic
jsosic at gmail.com
Mon Dec 12 02:23:56 UTC 2016
Hi guys,
I've joined CentOS 7 successfully to AD as member server, and set couple
of shares.
But, limiting access by listing groups, or forcing group write isn't
working.
Samba is clearly having issues with groups.
This is example share not working at all (constantly asking for
authentication):
[tools]
path = /data/tools/
comment = Web development tools
valid users = @"EXAMPLE\itdesign", @"EXAMPLE\itdev"
browseable = yes
writeable = yes
force mode = 0660
force directory mode = 0770
force security mode = 0660
guest ok = no
guest only = no
delete readonly = Yes
follow symlinks = Yes
wide links = No
case sensitive = Yes
When I comment out or remove `valid users` directive, access works.
Also, if I run getent groups it doesn't return any member, while on the
CentOS 6 with samba 3.5.10 it works:
centos7 # getent group 'domain users'
domain users:x:10513:
centos6 # getent group 'domain users'
domain users:x:10513:jakov.sosic
Any ideas?
I've also found this serverfault post:
http://serverfault.com/questions/625416/samba-4-group-members-not-shown-in-getent-group
More information about the samba
mailing list