[Samba] Unable_to_migrate_shares_from_AD_to_file_server

srikar srikars at vedams.com
Fri Jun 2 15:10:31 UTC 2017 

Hi Rowland,
               Thanks for the reply.
>I thought I had pointed out that 'Administrator' was a Windows user and
shouldn't be used in smb.conf. 
 My requirement is to migrate shares present in AD to a domain member(Ubuntu
machine). These migrated shares must be accessed with the domain users
credentials previously assigned to the share. It was because of this reason
I was using Windows user on them.

>>     force group = "domain users"
>>     writable = yes
>>     read only = no
>>     force create mode = 0660
>>     create mask = 0777
>>     directory mask = 0777
>>     force directory mode = 0770
>>     access based share enum = yes
>>     hide unreadable = yes 

>You would be better off removing most of these lines and using ACLs set
from Windows, see here:
>https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

I went through the above wiki . It talks about  "extended access control
lists"  and changing the acls of shares having "extended access control
lists" on a windows system. I have almost hundred shares and 
changing the acls of each and every share manually by above method is
complicated. I wanted to automate this process of migrating and preserving
acls using "net rpc". Can you please help me with this.

>Have you set up libnss_winbind and /etc/nsswitch.conf, does 'getent passwd'
display the DOMAIN users ? 
 I have already installed libnss_winbind before joining AD.Below is my
/etc/nsswitch.conf file. 

passwd:         files winbind
group:          files winbind
shadow:         files winbind
gshadow:        files

hosts:          files dns
networks:     files 

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

AD joining was also done successfully.

>Until 'getent passwd username' produces output, you will get nowhere i.e.
getent passwd rowland
>rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash 

'getent passwd' is working successfully .Below is the output of  'getent
passwd username' on my unix system.
# getent passwd demouser
demouser:*:11114:10513:demouser:/home/SAMDOM/demouser:/bin/bash 

Regards,
S.Srikar.



--
View this message in context: http://samba.2283325.n4.nabble.com/Unable-to-migrate-shares-from-AD-to-file-server-tp4719456p4719463.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list