israelpainchaud
Programmer
I am totaly out of imagination for that one, if anybody can help me I would really apreciate!
I have two LinuxUbuntu servers subscribed to active directory through Kerberos & samba and this works like a charm.
What I want to do is to mount a folder from srv1 on srv2 which I did with the following line in fstab (srv2):
//srv1/FolderX/ /mnt/srv1/ cifs credentials=/root/.credentials 0 0
The crediential file contains the following (srv2):
username=linux
password=pwd123
The user "linux" being an active directory user
On srv1, linux is a member of the group ftpadmin
myself@srv1:~$ groups linux
linux : domain users ftpadmin
And the rights of the folder being shared are:
myself@srv1:~$ ls -la /.../FolderX/
total 72
drwxr-xrwx 20 myself ftpusers 4096 2008-07-08 08:14 .
drwxr-xr-x 4 myself ftpadmin 4096 2008-03-11 10:44 ..
drwxrws--- 3 userx ftpadmin 4096 2007-10-17 16:41 folder1
drwxrws--- 3 usery ftpadmin 4096 2007-10-17 16:41 folder2
drwxrws--- 3 userz ftpadmin 4096 2007-10-17 16:41 folder3
...
On srv1, samba is configured in the following way:
[global]
security = ads
realm = MyDomain.INT
password server = myPasswdSrv.mydomain.int
workgroup = MyDomain
winbind enum groups = no
winbind enum users = no
idmap uid = 10000-10000000
idmap gid = 10000-10000000
winbind use default domain = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
invalid users = root
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
domain master = no
dns proxy = no
follow symlinks = yes
[FolderX]
path = /.../FolderX
available = yes
browsable = yes
public = yes
writable = yes
What happen is that, on srv2, I can access to FolderX but not to its subfolders
myself@srv2:~$ ls -l /mnt/FolderX/
total 0
drwxrws--- 3 1008 1003 0 2007-10-17 16:41 folder1
drwxrws--- 3 10290 1003 0 2007-10-17 16:41 folder2
drwxrws--- 3 1010 1003 0 2007-10-17 16:41 folder3
myself@srv2:~$ ls -l /mnt/FolderX/folder1/
ls: reading directory /mnt/FolderX/folder1/: Permission denied
total 0
I tried different ways to mount the folder, tried different way to configure samba but never found what is keeping me from sharing these files.
I know that the permitions for other on srv1 are all removed but I need it to stay that way for ftp access security.
Thanks for any lead!
I have two LinuxUbuntu servers subscribed to active directory through Kerberos & samba and this works like a charm.
What I want to do is to mount a folder from srv1 on srv2 which I did with the following line in fstab (srv2):
//srv1/FolderX/ /mnt/srv1/ cifs credentials=/root/.credentials 0 0
The crediential file contains the following (srv2):
username=linux
password=pwd123
The user "linux" being an active directory user
On srv1, linux is a member of the group ftpadmin
myself@srv1:~$ groups linux
linux : domain users ftpadmin
And the rights of the folder being shared are:
myself@srv1:~$ ls -la /.../FolderX/
total 72
drwxr-xrwx 20 myself ftpusers 4096 2008-07-08 08:14 .
drwxr-xr-x 4 myself ftpadmin 4096 2008-03-11 10:44 ..
drwxrws--- 3 userx ftpadmin 4096 2007-10-17 16:41 folder1
drwxrws--- 3 usery ftpadmin 4096 2007-10-17 16:41 folder2
drwxrws--- 3 userz ftpadmin 4096 2007-10-17 16:41 folder3
...
On srv1, samba is configured in the following way:
[global]
security = ads
realm = MyDomain.INT
password server = myPasswdSrv.mydomain.int
workgroup = MyDomain
winbind enum groups = no
winbind enum users = no
idmap uid = 10000-10000000
idmap gid = 10000-10000000
winbind use default domain = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
invalid users = root
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
domain master = no
dns proxy = no
follow symlinks = yes
[FolderX]
path = /.../FolderX
available = yes
browsable = yes
public = yes
writable = yes
What happen is that, on srv2, I can access to FolderX but not to its subfolders
myself@srv2:~$ ls -l /mnt/FolderX/
total 0
drwxrws--- 3 1008 1003 0 2007-10-17 16:41 folder1
drwxrws--- 3 10290 1003 0 2007-10-17 16:41 folder2
drwxrws--- 3 1010 1003 0 2007-10-17 16:41 folder3
myself@srv2:~$ ls -l /mnt/FolderX/folder1/
ls: reading directory /mnt/FolderX/folder1/: Permission denied
total 0
I tried different ways to mount the folder, tried different way to configure samba but never found what is keeping me from sharing these files.
I know that the permitions for other on srv1 are all removed but I need it to stay that way for ftp access security.
Thanks for any lead!
