[TriLUG] Samba and Active Directory

Roy Vestal rvestal at trilug.org
Tue Sep 5 02:37:11 EDT 2006


IIRC,
 Simply use the nomenclature "domain\\usernameorgroup"...the single \ 
never worked for me...

HTH

Matt Nash wrote:
> Brian Blater (BBList) wrote:
>>>>> On Fri, Sep 1, 2006 at 11:04 AM, in message
>>>>>         
>> <44F84C11.2040403 at intrex.net>,
>> mattnash at intrex.net wrote:  
>>> In my smb.conf I have 2 lines that you don't:
>>> client use spnego = yes
>>> client ntlmv2 auth = yes
>>>
>>> I used this page to configure winbind and krb5:
>>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
>>>
>>> I know you don't have ubuntu, but the instructions are general enough
>>>     
>>
>>  
>>> that it should work.
>>>     
>>
>> Thank you!!! I added the two lines above and made a couple more changes
>> as suggested in the link above (removed the winbind separator line and
>> auth methods line and changed the valid users line in the share)  and
>> I'm attaching to the share without a password.
>>
>> Now the problem is with perms. If I set the directory 777 no problem
>> writing to the share, or if I make the owner TTA\ituser no problem
>> writing. However if I set the group to the TTA\sambausers group (which
>> ituser is a member of and perms are 775) I cannot write to the
>> directory. Any idea what needs to change or how to get the directory
>> writable by an AD group?
>>
>> Thanks again for helping me get this far.
>> Brian
>>
>>
>>   
>
> Unfortunately that is a bit beyond my experience.  From poking around 
> Google it seems that permissions issues are frequent with Samba.  Have 
> you tried using the group id as reported by 'getent group' rather than 
> the domain\group syntax?  You may also want to try the group name 
> without the leading domain name.  Also make sure that you have "valid 
> users = TTA\sambausers" or something like it in smb.conf.




More information about the TriLUG mailing list