I've checked the wbinfo all returns as expected . I've checked the user on the UNIX server can access the files and dir - no problem.
I don't understand if SAMBA is actually try to map FIRSTGROUP\admandymarr on to the share ? If it is then it wont work, as the share only specifies the username not the domain and username. I'm not using PAM for these shares , is it needed ? Am I missing a trick ? Anything would be a help Regards Andy -----Original Message----- From: Marr,A,Andy,DGE62 C Sent: 29 September 2009 11:01 To: samba@lists.samba.org Subject: not permitted to access this share Hi all I've a SAMBA 3.0.33 server running on Solaris 10 sparc. The server is joined to a Windows ADS. I'm getting the following error when trying to access the share as an AD user from a windows machine. [2009/09/29 10:48:05, 2] smbd/service.c:(616) user 'FIRSTGROUP\admandymarr' (from session setup) not permitted to access thi s share (lsww) [2009/09/29 10:48:05, 3] smbd/error.c:(106) error packet at smbd/reply.c(514) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED ) I setup a temp share with an empty valid users list , but I get the same issue. I'm not sure if the user should have the domain\user when trying to access the share ? I'm so close :-) Any pointers would be great ? Smb.conf [global] workgroup = FIRSTGROUP netbios name = FGUKSHPPAY001 realm = FIRSTGROUP.COM preferred master = no server string = DR Samba Server security = ADS encrypt passwords = yes allow trusted domains = yes log level = 5 log file = /var/samba/log/log.%m max log size = 250 printcap name = /dev/null load printers = no idmap uid = 62000-73000 idmap gid = 6200-7300 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes template homedir = /export/home/%U template shell = /bin/bash password server = fgukcbpadc001.firstgroup.com #============================ Share Definitions ============================== [temp] comment = lsww path = /tmp valid users = public = yes browseable = yes read only = yes [lsww] comment = lsww path = /mirror/livesww/list valid users = admandymarr public = yes browseable = yes read only = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba