Hi everyone, I have an issue with Samba agains Active Directory. The authentication works just fine but when it comes to shares I've ran into some problems.
If I use any group mapping from the AD it won't let me access it so I figure that is where the problem lays. If I comment out "valid users", "force user" and "force group" then I have no problems and it goes by the file system restrictions. Does anyone ever run into the same problem?, is there a way to fix it? Thanks in advanced. Here is my smb.conf: [global] netbios name = filer workgroup = MYCOMPANY realm = MYCOMPANY.COM preferred master = no server string = mycompany Filer security = ADS map to guest = Bad User obey pam restrictions = Yes password server = * log level = 1 vfs:2 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = wins lmshosts bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 33 local master = no domain master = no wins server = 192.168.0.10 allow trusted domains = no idmap backend = rid:MYCOMPANY=1000-11000 idmap uid = 1000-11000 idmap gid = 1000-11000 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/%U winbind separator = | winbind use default domain = Yes winbind cache time = 30 use kerberos keytab = Yes printcap name = /etc/printcap unix extensions = no [homes] comment = Home Directories valid users = %D|%S path = %H read only = no security mask = 0640 directory security mask = 0750 browsable = no vfs objects = recycle recycle: keeptree = yes recycle: maxsize = 52428800 [Internal] comment = Internal Projects path = /filer/internal read only = yes create mask = 0664 directory mask = 0775 browsable = yes vfs object = recycle recycle: keeptree = yes recycle: maxsize = 52428800 valid users = @pm, @design write list = @pm force group = pm force user = root hide dot files = yes msdfs root = yes Here is the error from the workstation that is trying to get access to the server. The user is part of the Group PM. Error from log.%m: [2009/05/26 10:36:55, 1] smbd/service.c:close_cnum(1230) traveller (192.168.0.71) closed connection to service Internal [2009/05/26 10:36:58, 0] auth/auth_util.c:create_builtin_administrators(844) create_builtin_administrators: Failed to create Administrators [2009/05/26 10:36:58, 0] auth/auth_util.c:create_builtin_users(810) create_builtin_users: Failed to create Users [2009/05/26 10:36:58,id max.leon uid=2109(max.leon) gid=2216(mycompany) groups=2216(mycompany),2152(browse),2108(remote),2190(macadmin),2146(developers),2204(flashdev),2140(qa),2141(design),2180(it-tech),1513(domain users),2139(engineering),2177(pm),1512(domain admins) 1] smbd/service.c:make_connection_snum(1033) traveller (192.168.0.71) connect to service Internal initially as user MYCOMPANY|max.leon (uid=2109, gid=2216) (pid 14369) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba