[Samba] Access to sharing by hostname but not by its IP
Rowland Penny
rpenny at samba.org
Tue Jul 25 13:44:13 UTC 2017
On Tue, 25 Jul 2017 14:52:37 +0200
Marc-Henri Pamiseux via samba <samba at lists.samba.org> wrote:
Just a few comments on your smb.conf:
>
> password server = hera.local.mydomain
You should remove the above line, Samba will find the best DC to use.
> encrypt passwords = Yes
The above line is a default and as such could be removed.
>
> idmap config * : backend = tdb
> idmap config * : range = 950-999
The '*' domain is for the Well Know SIDs and anything outside the
'MYDOMAIN' domain, there are 96 Well known SIDS, therefore your range
isn't big enough.
> idmap config MYDOMAIN:backend = ad
> idmap config MYDOMAIN:range = 1000-3000300
By using a 'domain range that starts at '1000' means that you cannot
have ANY local Unix users.
> idmap config MYDOMAIN:unix_nss_info = yes
> idmap config MYDOMAIN:schema_mode = rfc2307
> idmap config MYDOMAIN:unix_primary_group = yes
Do the users groups exist with a gidNumber inside '1000-3000300' ?
> vfs objects = acl_xattr dfs_samba4
Why are you using 'dfs_samba4' ?
As for the shares, you would be better setting the permissions from
windows, see here:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
Rowland
More information about the samba
mailing list