Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   Samba AD valid users issue (http://www.linux-archive.org/centos/102151-samba-ad-valid-users-issue.html)

06-06-2008 09:26 PM

Samba AD valid users issue
 
I have setup a new server centos 5.1 server as a storage
server with over 7TB of storage. The server has been
integrated into a large Active Directory network there are
5 primary AD servers and a large number of local AD server
at each location (over 20). There are also over 15 trusted
domains hundreds of groups and thousands of users. It has
been quite a challenge to integrate the Linux server with
Samba into this incitement. I am now at a point where I
can change user and group ownership of filed and folders
at AD users and connect to the server with a windows
client.


There are also issues with Samba not starting on bootup
(yes the service is set to start at level 3 ? system
starts non GUI). And it seems to take quite a while for
system to recognize domain users on startup.


The [TEST] share works with out issue.
The [TEST-ENG] share is not working no matter what I do.

The issue that I am having is that most of the groups have
a ?@? at the beginning.

Ie: @DIV-Engineering
This conflicts with the Samba ?valid users = ? directive
in the smb.conf.


I have been able to change the group ownership to
?@DIV-Engineering? in the file-system without any issues.



Is there any way to do this?


[global]
workgroup = XXX
realm = XXX
server string = Samba Server Version %v
security = ADS
auth methods = guest, sam, winbind
obey pam restrictions = Yes
password server = nycbcc01.xxx.ad.xxx.net
# winbind separator =
# passdb backend = tdbsam
wins server = 192.20.76.98
ldap ssl = no
winbind use default domain = yes
idmap uid = 10000-100000
idmap gid = 10000-100000
winbind enum users = Yes
preferred master = no
encrypt passwords = yes
template homedir = /home/samba/%D/%U
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[TEST]
path = /home/samba/shares/TEST
valid users = @"XXXDomain Users"
force group = "XXXdomain users"
read only = No
create mask = 0774
force create mode = 0775
directory mask = 0775
force directory mode = 0770
force directory security mode = 0770

[TEST-ENG]
path = /home/samba/shares/TEST
valid users = @"XXX@DIV-Engineering"
force group = "XXX@DIV-Engineering"
read only = No
create mask = 0774
force create mode = 0775
directory mask = 0775
force directory mode = 0770
force directory security mode = 0770
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 02:04 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.