FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 06-06-2008, 09:34 PM
Michel van Deventer
 
Default Samba AD valid users issue

Hi,

On Fri, 2008-06-06 at 17:26 -0400, mslist@opcenter.net wrote:
> I have setup a new server centos 5.1 server as a storage
> server with over 7TB of storage. The server has been
> integrated into a large Active Directory network there are
> 5 primary AD servers and a large number of local AD server
> at each location (over 20). There are also over 15 trusted
> domains hundreds of groups and thousands of users. It has
> been quite a challenge to integrate the Linux server with
> Samba into this incitement. I am now at a point where I
> can change user and group ownership of filed and folders
> at AD users and connect to the server with a windows
> client.
>
> There are also issues with Samba not starting on bootup
> (yes the service is set to start at level 3 – system
> starts non GUI). And it seems to take quite a while for
> system to recognize domain users on startup.
>
> The [TEST] share works with out issue.
> The [TEST-ENG] share is not working no matter what I do.
>
> The issue that I am having is that most of the groups have
> a ‘@’ at the beginning.
> Ie: @DIV-Engineering
> This conflicts with the Samba “valid users = “ directive
> in the smb.conf.
>
> I have been able to change the group ownership to
> “@DIV-Engineering” in the file-system without any issues.
>
>
> Is there any way to do this?
>
>
> [global]
> workgroup = XXX
> realm = XXX
> server string = Samba Server Version %v
> security = ADS
> auth methods = guest, sam, winbind
> obey pam restrictions = Yes
> password server = nycbcc01.xxx.ad.xxx.net
> # winbind separator =
> # passdb backend = tdbsam
> wins server = 192.20.76.98
> ldap ssl = no
> winbind use default domain = yes
> idmap uid = 10000-100000
> idmap gid = 10000-100000
> winbind enum users = Yes
> preferred master = no
> encrypt passwords = yes
> template homedir = /home/samba/%D/%U
> cups options = raw
>
> [homes]
> comment = Home Directories
> read only = No
> browseable = No
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
> [TEST]
> path = /home/samba/shares/TEST
> valid users = @"XXXDomain Users"
> force group = "XXXdomain users"
> read only = No
> create mask = 0774
> force create mode = 0775
> directory mask = 0775
> force directory mode = 0770
> force directory security mode = 0770
>
> [TEST-ENG]
> path = /home/samba/shares/TEST
> valid users = @"XXX@DIV-Engineering"
> force group = "XXX@DIV-Engineering"
> read only = No
> create mask = 0774
> force create mode = 0775
> directory mask = 0775
> force directory mode = 0770
> force directory security mode = 0770
Having a quick glance at the config I remember I had a sort of same
issue, set your winbind seperator character to something like '#' and do
the same in the valid users and groups and it should give you more
working stuff The character is a line break which tells samba to
continue reading the config on the next line including spaces and
linebreaks...


regards,

Michel

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-06-2008, 09:44 PM
 
Default Samba AD valid users issue

Thanks,

The issue dos not seem to be with the separator. It is
with the @ as a leading char in the group name. But I will
give it a try on Monday



Michel van Deventer michel at van.deventer.cx
Fri Jun 6 21:34:23 UTC 2008

Having a quick glance at the config I remember I had a
sort of same
issue, set your winbind seperator character to something
like '#' and do
the same in the valid users and groups and it should give
you more
working stuff The character is a line break which
tells samba to
continue reading the config on the next line including
spaces and

linebreaks...
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 04:46 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org