Tharanga Abeyseela (RGA)
2010-May-03 01:17 UTC
[Samba] AD group member cant write to the samba shared folder
Hi Guys, I managed to authenticate AD groups with samba. Now I can define several groups and that group members only be allow to access the shared folders defined in smb.conf. but that members cant see the files or write to that folder. (/home/test) This is my smb.conf [global] workgroup = xxx realm = xxx.COM password server = * server string = Samba file and print server security = ADS encrypt passwords = yes log level = 3 log file = /var/log/samba/%m max log size = 50 winbind separator = + #printcap name = cups #printing = cups idmap uid = 15000-20000 idmap gid = 15000-20000 #winbind use default domain = yes nt acl support = yes map acl inherit = yes winbind enum users = yes winbind enum groups = yes #client ntlmv2 auth = yes template homedir = /home/%D/%U template shell = /bin/bash [itaccess] comment = Testing AD Integration browseable = yes readonly = no writeable = yes path = /home/test/ inherit acls = yes inherit permissions = yes valid users = @"xxx+itaccess" write list = @"xxx+itaccess" admin users = @"xxx+itaccess" create mask = 770 force create mode = 770 force directory mode = 770 chmod 770 /home/test chown root.root /home/test setfacl -m u:"xxx+itaccess":rwx /home/test setfacl -d -m u:"RAP+itaccess":rwx /home/test getfacl /home/test # file: home/test/ # owner: root # group: root user::rwx group::rwx group:RAP+itaccess:rwx mask::rwx other::--- default:user::rwx default:group::rwx default:group:RAP+itaccess:rwx default:mask::rwx default:other::--- drwxrws---+ 2 root root 4096 2010-05-03 10:33 test but if that goup member try to write something it says access denied. If I put on that test folder , group members cant see it (read it ). Can someone help me to solve the issue . (Ad group authentication is working properly with samba) Thanks, Tharanga