[Samba] user cannot access shares on new ad-dc

L.P.H. van Belle belle at bazuin.nl
Fri Sep 29 09:49:59 UTC 2017 

And I suggest, in you /etc/hosts:
Change this part. 
192.168.56.1   adminpc.ad.company.de adminpc
192.168.56.42  dc1.ad.company.de dc1

And
/etc/resolv.conf 
search ad.company.de company.de
nameserver 192.168.56.42

The pc used, is domain joined? 

Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Klaus Hartnegg via samba
> Verzonden: vrijdag 29 september 2017 11:32
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] user cannot access shares on new ad-dc
> 
> Hi,
> 
> I just installed a new AD-DC as described in the wiki.
> Administrator can log on and see the two default-shares.
> Then I used ADUC from RSAT to create an OU and a user.
> User can see the shares (and can map them to a drive letter), 
> but is denied to look inside.
> Same for another share which I added.
> Even when administrator grants permission to everybody.
> 
> I read more wiki, which made me to add a group, and use the 
> Unix-Tab to give the group and the user an UID.
> Then rebootet both server and client, but still no success.
> 
> What else is missing?
> 
> I know that using the DC as fileserver is not recommended, 
> but at least netlogon and sysvol should work.
> 
> Klaus
> 
> 
> Client: Win7
> Server: Ubuntu 14.04 server
> Samba : 4.6.8 compiled from source (./configure; make; make install)
> 
> 
> Both run in VirtualBox.
> First ethernet adapter is NAT to outside world, second 
> adapter is hostonly.
> Samba is told to use only the second one.
> 
> 
> provision command:
> 
> samba-tool domain provision --use-rfc2307 --interactive \ 
> --option="interfaces=lo eth1" --option="bind interfaces only=yes"
> 
> 
> /etc/resolv.conf:
> 
> nameserver 192.168.56.42
> search company.de
> 
> 
> /etc/hosts:
> 
> 127.0.0.1       localhost  localhost.localdomain
> ::1     localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
> 192.168.56.1   adminpc
> 192.168.56.42  dc1 dc1.ad.company.de
> 
> 
> smb.conf:
> 
> # Global parameters
> [global]
>       bind interfaces only = Yes
>       interfaces = lo eth1
>       netbios name = DC1
>       realm = AD.COMPANY.DE
>       workgroup = COMPANY
>       dns forwarder = 195.50.140.114
>       server role = active directory domain controller
>       idmap_ldb:use rfc2307 = yes
>       comment =
> 
> [netlogon]
>       path = /usr/local/samba/var/locks/sysvol/ad.company.de/scripts
>       read only = No
> 
> [sysvol]
>       path = /usr/local/samba/var/locks/sysvol
>       read only = No
> 
> [test]
>       path = /srv/samba/test
>       read only = No
> 
> 
> --
> Message sent from a mobile device, please excuse brevity and typos
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list