I believe you want @"domain users" not "@domain users" (notice the placement of @)
-- Aaron Michael Fernández M. wrote: > El lun, 03-12-2007 a las 18:43 +0530, Sadique Puthen escribió: >> Set "winbind use default domain = yes" in smb.conf if you want to change >> ownership of files to ad users using their actual name. If you don't set >> it, you should change the ownership using "domain+username" as the >> username which linux doesn't like much. >> >> If you want getent passwd/group to work please make sure that you have >> the below parameters in smb.conf though it has slight problems while >> maintaining large number of users. >> >> winbind enum users = yes >> winbind enum groups = yes > > Yes, now is working, i can get the users an groups with getent passwd > > Thanks!!!! > > But i cannot set permissions to shares map via Windows, i have the > folowing configuration in SMB.conf: > > drwxrwxrwx 3 administrator domain users 4096 2007-11-30 16:39 Domain > > [domain] > comment = domain > browseable = yes > path = /home/Domain > public = yes > writable = yes > valid users = '@domain users' <<< This will work? > > > Michael.- > > > >> This is not required if you are running "getent passwd <username>". >> >> --Sadique >> >> Michael Fernández M. wrote: >>> Hi, i want to integrate AD + Samba3 via kerberos, every works great i >>> get the users and groups with wbinfo -u and wbinfo -g >>> so in linux i cat set the permissions to a share using the AD's users. >>> However when i try "getent passwd" I only get the system users and not >>> the AD's users... in my nsswitch.conf i have: >>> >>> passwd: files winbind >>> group: files winbind >>> shadow: files >>> hosts: files dns winbind >>> networks: files >>> >>> >>> In the other hand on Windows when I try to set a permission to a share >>> using I cannot set them, because i got Permission denied. >>> >>> The following is my smb.conf: >>> >>> [global] >>> security = ADS >>> netbios name = andromaca >>> realm = domain.tld >>> encrypt passwords = yes >>> password server = x.x.x.x >>> workgroup = domain >>> idmap uid = 10000-20000 >>> idmap gid = 10000-20000 >>> ldap ssl = no >>> winbind separator = + >>> template homedir = /home/%D/%U >>> template shell = /bin/bash >>> client use spnego = yes >>> >>> [ol] >>> comment = ol >>> browseable = yes >>> path = /home/ol >>> public = yes >>> writable = yes >>> >>> [lala] >>> comment = lala >>> browseable = yes >>> path = /home/ol/lala >>> public = yes >>> writable = yes >>> >>> ------------------------------ >>> >>> when i set the permissions on lala via linux to a specific AD user, and >>> then on Windows I map that share with that user so can got it and can >>> write, read, delete, etc.... >>> >>> Anyone knows how can i do it in order to set the permissions via >>> Windows? >>> >>> Thanks !!!! >>> >>> Michael.- >>> >>> >>> >> > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba