I'm charged to investigate the usage of samba as a file server in a Windows
network with WinXP machines and Active Directory as authentication system.
I experience some problems to let it work correctly.
I can't add some share on the linux debian (2.6.7 with ACL backdoors)
machine with the MMC plug-in. When I try I get access is denied. The
security tab on the winXP machine doesn't reflect the permissions.
smbclient -L localhost -U% --> Ok
kinit <user> --> Ok
net ads join -U <admin> --> Ok
Configuration:
Kernel 2.6.7 with ACL backdoors
Kerberos 5 authentication
Samba 3.0.5
ACL
smb.conf
----------------------------------------------------------------
[global]
workgroup = RVPONP
encrypt passwords = yes
realm = RVPONP.FGOV.BE
server string = %h fileserver (Version %v)
security = ADS
password server = atos.rvponp.fgov.be
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
username map = /etc/samba/smbusers
syslog = 10
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
wins server = WINS.RVPONP.FGOV.BE
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
# idmap backend = ldap://atos.rvponp.fgov.be <ldap://atos.rvponp.fgov.be>
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /data1/private/%U
winbind cache time = 10
winbind use default domain = Yes
winbind nested groups = Yes
winbind enum users = Yes
winbind enum groups = Yes
invalid users = root
include = /etc/samba/dhcp.conf
[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[homes]
comment = Home Directories
read only = No
[public]
comment = Public Shares
path = /data1/private
write list = @users
read only = No
create mask = 0777
directory mask = 0777
guest ok = Yes
[shares]
comment = Temperory Files
path = /data1/private/fierpTest
invalid users = fip01
admin users = fierp
directory mask = 0700
directory security mask = 0700
guest ok = Yes
----------------------------------------------------------------
Can anyone help me?
Thx,
Pierre Fierlafijn
Vriendelijke groeten - Cordialement - Kind Regards
________________________________________
Pierre Fierlafijn
Rijksdienst voor pensioenen - Office national des pensions
Dienst NT RMS - Service NT RMS
blok B 2de verdieping - bloc B 2i?me ?tage
Zuidertoren - Tour du Midi
B-1060 Brussel/Bruxelles
*: +32 (2)529.32.88
*: +32 (2)529.39.09
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
Rijksdienst voor Pensioenen
Office National des Pensions
**********************************************************************
