[Samba] valid users with AD group
jsl6uy js16uy
js16uy at gmail.com
Thu Dec 15 19:50:09 UTC 2016
Hello all, hope all is well/happy holidays
Issues with an old thread out there, valid users containing an AD group
Have tried this on systems running cent7u2 and ubuntu trusty. These systems
are running sssd. I can login with AD users and chown/chgrp file with AD
groups. However, I can't get AD groups to work with valid users for
restricting share access. If I just set individual AD users, works just
fine.
I did troll thru googles and this mailing list, but many posts were
leveraging winbind or winbind and older versions of samba. Faqs and docs
led me to try several variants for vaild users =
@"MC\MC-Services"
@"MC\\MC-Services"
@MC-Services
MC-Services
Any thoughts/help would be greatly appreciated.
thanks and regards
some samba vers on the centos host
samba-common-4.2.3-12.el7_2.noarch
samba-common-tools-4.2.3-12.el7_2.x86_64
samba-common-libs-4.2.3-12.el7_2.x86_64
samba-4.2.3-12.el7_2.x86_64
samba-libs-4.2.3-12.el7_2.x86_64
samba-client-libs-4.2.3-12.el7_2.x86_64
[root at Xsamba]# smbd -V
Version 4.2.3
>>>Here is the config
[global]
workgroup = mc
server string = Samba Server Version %v
log file = /var/log/samba/log.%m
max log size = 50
security = ads
bind interfaces only = yes
interfaces=192.168.99.0/24
dedicated keytab file=/etc/krb5.keytab
password server = 192.168.1.2 192.168.1.3
realm = MC.FOO.COM
passdb backend = tdbsam
map to guest = Bad Uid
[homes]
comment = Home Directories
browseable = no
writable = yes
[logs]
comment = Server Logs
path = /logs
writable = no
#valid users = jsmith
valid users = @"MC\MC-Services"
printable = no
~
More information about the samba
mailing list