[TriLUG] Samba and Active Directory
Roy Vestal
rvestal at trilug.org
Tue Sep 5 02:37:11 EDT 2006
IIRC,
Simply use the nomenclature "domain\\usernameorgroup"...the single \
never worked for me...
HTH
Matt Nash wrote:
> Brian Blater (BBList) wrote:
>>>>> On Fri, Sep 1, 2006 at 11:04 AM, in message
>>>>>
>> <44F84C11.2040403 at intrex.net>,
>> mattnash at intrex.net wrote:
>>> In my smb.conf I have 2 lines that you don't:
>>> client use spnego = yes
>>> client ntlmv2 auth = yes
>>>
>>> I used this page to configure winbind and krb5:
>>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
>>>
>>> I know you don't have ubuntu, but the instructions are general enough
>>>
>>
>>
>>> that it should work.
>>>
>>
>> Thank you!!! I added the two lines above and made a couple more changes
>> as suggested in the link above (removed the winbind separator line and
>> auth methods line and changed the valid users line in the share) and
>> I'm attaching to the share without a password.
>>
>> Now the problem is with perms. If I set the directory 777 no problem
>> writing to the share, or if I make the owner TTA\ituser no problem
>> writing. However if I set the group to the TTA\sambausers group (which
>> ituser is a member of and perms are 775) I cannot write to the
>> directory. Any idea what needs to change or how to get the directory
>> writable by an AD group?
>>
>> Thanks again for helping me get this far.
>> Brian
>>
>>
>>
>
> Unfortunately that is a bit beyond my experience. From poking around
> Google it seems that permissions issues are frequent with Samba. Have
> you tried using the group id as reported by 'getent group' rather than
> the domain\group syntax? You may also want to try the group name
> without the leading domain name. Also make sure that you have "valid
> users = TTA\sambausers" or something like it in smb.conf.
More information about the TriLUG
mailing list