Rich Webb
2003-Oct-12 00:17 UTC
[Samba] PAM-Winbind authentication working but can't use domain groups
I have successfully set up samba 3.0, PAM, Winbind and joined my samba server to a windows 2000 domain. I can log into my linux box as a domain user and that all works fine. I am having trouble trying to figure out how to set up access to a samba share based on an Active Directory group. Here is my smb.conf file: [global] winbind separator = ` idmap uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes workgroup = testsys security = domain password server = testdc template shell = /bin/bash template homedir = /home/%U winbind use default domain = yes [shared] path = /svr/shared valid users = +TESTSYS`Shared writeable = yes browseable = yes Now in the shared section, I have tried the following for valid users: valid users = @Shared valid users = @TESTSYS+Shared (with the seperator being a +) valid users = +Shared (with seperator being a `) valid users = +TESTSYS`Shared All attempts to access the share failed. The permissions on the directory are: drwxr-xr-x 2 rwebb Shared 4096 Oct 11 15:44 shared When trying to access this share from the win2k server, it pops up the "Connect As" box and does not let me proceed. Any help would be greatly appreciated. Rich