[TriLUG] Samba and Active Directory

Matt Nash mattnash at intrex.net
Fri Sep 1 15:03:17 EDT 2006


Brian Blater (BBList) wrote:
>>>> On Fri, Sep 1, 2006 at 11:04 AM, in message
>>>>         
> <44F84C11.2040403 at intrex.net>,
> mattnash at intrex.net wrote: 
>   
>> In my smb.conf I have 2 lines that you don't:
>> client use spnego = yes
>> client ntlmv2 auth = yes
>>
>> I used this page to configure winbind and krb5:
>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
>>
>> I know you don't have ubuntu, but the instructions are general enough
>>     
>
>   
>> that it should work.
>>     
>
> Thank you!!! I added the two lines above and made a couple more changes
> as suggested in the link above (removed the winbind separator line and
> auth methods line and changed the valid users line in the share)  and
> I'm attaching to the share without a password.
>
> Now the problem is with perms. If I set the directory 777 no problem
> writing to the share, or if I make the owner TTA\ituser no problem
> writing. However if I set the group to the TTA\sambausers group (which
> ituser is a member of and perms are 775) I cannot write to the
> directory. Any idea what needs to change or how to get the directory
> writable by an AD group?
>
> Thanks again for helping me get this far.
> Brian
>
>
>   

Unfortunately that is a bit beyond my experience.  From poking around 
Google it seems that permissions issues are frequent with Samba.  Have 
you tried using the group id as reported by 'getent group' rather than 
the domain\group syntax?  You may also want to try the group name 
without the leading domain name.  Also make sure that you have "valid 
users = TTA\sambausers" or something like it in smb.conf.



More information about the TriLUG mailing list