[Samba] problems accessing shares with force group
Allen Chen
achen at harbourfrontcentre.com
Tue Feb 2 18:19:20 UTC 2021
It works for me with samba 4.6.8 member server. The only difference is
that I don't put the "@" sign in front of my group name.
Allen
On 2/2/2021 10:16 AM, Piviul via samba wrote:
> Il 02/02/21 11:26, Rowland penny via samba ha scritto:
>> [...]
>> What, apart from still using Samba 4.5.16 ?
>
> debian; I have the same strange behaviour in stretch (oldstable) and
> in bullseye (testing), I don't known in buster (stable) but I can try.
> oldoldstable seems to work correctly
>
>
>> I do not know, if you are going to post a part of the smb.conf, post
>> the entire smb.conf
> # Global parameters
> [global]
> lock directory = /var/cache/samba/
> log file = /var/log/samba/log.%m
> logging = file
> map to guest = Bad User
> max log size = 1000
> obey pam restrictions = Yes
> pam password change = Yes
> panic action = /usr/share/samba/panic-action %d
> realm = AD.CSARICERCHE.COM
> security = ADS
> server string = %h server (Samba, Ubuntu)
> template shell = /bin/bash
> usershare allow guests = Yes
> winbind offline logon = Yes
> winbind refresh tickets = Yes
> wins server = 192.168.64.2
> workgroup = DOMINIOCSA
> idmap config dominiocsa : range = 10000-24999
> idmap config dominiocsa : backend = rid
> idmap config * : range = 3000-9999
> idmap config * : backend = tdb
>
>
> [test]
> browseable = No
> comment = test force group directive
> force group = "@DOMINIOCSA\Domain Users"
> path = /home/test_share
> write list = "@DOMINIOCSA\Domain Users"
>
>
> Furthermore I don't know if it's normal but getent group or wbinfo
> --group-info doesn't show member users but if I set winbind expand
> groups to 1 the getent group and wbinfo --group-info shows correctly
> the member users.
>
> Many thanks
>
> Piviul
>
>
More information about the samba
mailing list