[Samba] rights -- structures

Maurizio Caloro maurizio at caloro.ch
Mon Dec 14 10:47:16 UTC 2020

Rowland, thanks for your flowers!
Ok Winbind smbd nmbd are running now 😊 also after restart the services.

Please now I need to assign the rights to folder, try  this way
	root at srvcar005:/shares/Userhome# chown "mauriziocaloro:smbadmin" "Maurizio Caloro"
	chown: invalid user: ‘mauriziocaloro:smbadmin’

please its seems that the fileserver arnt joint to domain?

-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland penny via samba
Gesendet: Montag, 14. Dezember 2020 11:33
An: sambalist <samba at lists.samba.org>
Betreff: Re: [Samba] rights -- structures

On 14/12/2020 10:26, Maurizio Caloro wrote:
It would, you do not use 'domain' with an AD domain.

Can you please try this smb.conf:

     workgroup = CARAG
     security = ADS
     realm = CARAG.LOCAL

     dedicated keytab file = /etc/krb5.keytab
     kerberos method = secrets and keytab
     server string = Samba Client %h

     winbind use default domain = yes
     winbind expand groups = 2
     winbind refresh tickets = Yes
     winbind offline logon = yes
     dns proxy = no

     idmap config * : backend = tdb
     idmap config * : range = 3000-7999
     idmap config CARAG : backend = rid
     idmap config CARAG : range = 10000-999999
     template shell = /bin/bash
     template homedir = /home/%U

     domain master = no
     local master = no
     preferred master = no
     host msdfs = no

     # user Administrator workaround, without it you are unable to set privileges
     username map = /etc/samba/user.map

     # For ACL support on domain member
     vfs objects = acl_xattr
     map acl inherit = Yes
     store dos attributes = Yes

     # Share Setting Globally
     unix extensions = no
     reset on zero vc = yes
     hide unreadable = yes

     # disable printing completely
     load printers = no
     printing = bsd
     printcap name = /dev/null
     disable spoolss = yes

     # logging
     log level = 0
     max log size = 1000

         path = /shares/Userhome/
         read only = no

Then create /etc/samba/user.map containing this:

!root = CARAG\Administrator

Restart winbind, smbd and nmbd


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list