I setup up a samba server using SLES 10. I have joined an AD
domain. wbinfo -u - returns the AD user list, so I think winbind is working. When I setup a share the Domain users can see the share but not login unless I enter them locally (smbpasswd -a). It will not let domain users access samba shares.
[global]
workgroup = FRANKLIN
realm = FRANKLIN.INT
server string = Windows Server 2003
security = ADS
map to guest = Bad User
password server = DC1 DC2
printcap name = cups
logon path = \\%L\profiles\.msprofile
logon drive = P:
logon home = \\%L\%U\.9xprofile
domain master = No
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = Yes
winbind refresh tickets = yes
cups options = raw
include = /etc/samba/dhcp.conf
template homedir = /home/%D/%U
template shell = /bin/bash
[profiles]
comment = Network Profiles Service
path = %H
read only = No
create mask = 0600
directory mask = 0700
store dos attributes = Yes
[users]
comment = All users
path = /data/profiles
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /data/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775
[test]
comment = test
path = /test
valid users = FRANKLIN\tth
write list = FRANKLIN\tth
read only = No
inherit acls = Yes
domain. wbinfo -u - returns the AD user list, so I think winbind is working. When I setup a share the Domain users can see the share but not login unless I enter them locally (smbpasswd -a). It will not let domain users access samba shares.
[global]
workgroup = FRANKLIN
realm = FRANKLIN.INT
server string = Windows Server 2003
security = ADS
map to guest = Bad User
password server = DC1 DC2
printcap name = cups
logon path = \\%L\profiles\.msprofile
logon drive = P:
logon home = \\%L\%U\.9xprofile
domain master = No
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = Yes
winbind refresh tickets = yes
cups options = raw
include = /etc/samba/dhcp.conf
template homedir = /home/%D/%U
template shell = /bin/bash
[profiles]
comment = Network Profiles Service
path = %H
read only = No
create mask = 0600
directory mask = 0700
store dos attributes = Yes
[users]
comment = All users
path = /data/profiles
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /data/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775
[test]
comment = test
path = /test
valid users = FRANKLIN\tth
write list = FRANKLIN\tth
read only = No
inherit acls = Yes