[Samba] I have issue in configuring file servers with AD integration.

venkat ramu ramut123 at gmail.com
Mon Jan 21 10:23:47 UTC 2019 

Here is the smb.conf.

[global]
    workgroup = SBX
    security = ADS
    realm = SBX.LAN

    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab
    server string = Data %h

    winbind use default domain = yes
    winbind expand groups = 4
    winbind nss info = rfc2307
    winbind refresh tickets = Yes
    winbind offline logon = yes
    winbind normalize names = Yes

    ## map ids outside of domain to tdb files.
    idmap config *:backend = tdb
    idmap config *:range = 2000-9999
    ## map ids from the domain  the ranges may not overlap !
    idmap config TESTAD : backend = rid
    idmap config TESTAD : range = 10000-999999
    template shell = /bin/bash
    template homedir = /home/TESTAD/%U

    domain master = no
    local master = no
    preferred master = no
    os level = 20
    map to guest = bad user
    host msdfs = no

    # user Administrator workaround, without it you are unable to set
privileges
    username map = /etc/samba/user.map

    # For ACL support on domain member
    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    # Share Setting Globally
    unix extensions = no
    reset on zero vc = yes
    veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
    hide unreadable = yes

    # disable printing completely
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes


[share]
comment = Ubuntu File Server Share
path = /srv/samba/share
browsable = yes
guest ok = yes
read only = no
valid users = +"SBX\Test-Group"
create mask = 0640

[test]
comment = Ubuntu File Server Share
path = /srv/samba/test
#valid users = test_groups
#browsable = yes
read only = no
create mask = 0640
writable = yes
inherit permissions = no
valid users = +"SBX\Test-Group"

[test myfolder]
comment = Ubuntu File Server Share, permission inheritance
path = /srv/samba/test/myfolder
#browsable = yes
read only = no
create mask = 0640
writable = yes
valid users = +"SBX\test_groups"



[Folder Name Webmin]
 path = /srv/samba/new-test
 writeable = yes
 comment = Folder Name Webmin
 valid users = +"SBX\Test-Group"

[new-training]
 path = /srv/samba\new-training
 valid users = +"SBX\Test-Group", at +"SBX\Test-Group"
 writeable = yes
 comment = new-training


[New Share]
 path = /srv/samba/NewShare
 comment = New Share
 writeable = yes
 valid users = +"SBX\Test-Group", at +"SBX\Test-Group"

[galaxy-test]
 valid users = +"SBX\Test-Group", at +"SBX\Test-Group"
 comment = galaxy-test
 path = /srv/samba/galaxy-test
 writeable = yes

[inherit]
 path = /srv/samba/test/inherit
 valid users = +"SBX\Inherit-Group", at +"SBX\Inherit-Group"
 invalid users = +"SBX\Test-Group"
 writeable = yes

[inherit1]
 writeable = yes
 comment = inherit1
 valid users = +"SBX\Inherit-Group", at +"SBX\Inherit-Group"
 path = /srv/samba/test/inherit1
        inherit permissions = no


Thanks,

Venkat

More information about the samba mailing list