[Samba] I have issue in configuring file servers with AD integration.
Rowland Penny
rpenny at samba.org
Mon Jan 21 10:48:08 UTC 2019
On Mon, 21 Jan 2019 15:53:47 +0530
venkat ramu <ramut123 at gmail.com> wrote:
>
> [inherit]
> path = /srv/samba/test/inherit
> valid users = +"SBX\Inherit-Group", at +"SBX\Inherit-Group"
> invalid users = +"SBX\Test-Group"
> writeable = yes
>
> [inherit1]
> writeable = yes
> comment = inherit1
> valid users = +"SBX\Inherit-Group", at +"SBX\Inherit-Group"
> path = /srv/samba/test/inherit1
> inherit permissions = no
Your computer appears to be a Unix domain member and if you read
the 'invalid users' part of 'man smb.conf'
You will find that '+' means look in the Unix group database
(/etc/group) and '@' means look in the NIS database.
As your computer is a Unix domain member, neither of these will be
used and 'Inherit-Group' should exist in AD.
There is another possible problem (it could a typo), you posted this:
workgroup = SBX
and also this:
idmap config TESTAD : backend = rid
idmap config TESTAD : range = 10000-999999
'TESTAD' should be 'SBX'
Can I also suggest you read this:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
That is a much better way of doing what you require.
Rowland
More information about the samba
mailing list