I have a samba share at /share. I am trying to get it to authenticate it to a
single user for right now. It is attached to the domain, and wbinfo -a\-u\-g all
succeed. a login command with a domain user only works after a sucessful wbinfo
-a "DOMAIN\user%password". This user is then able to authenticate
using the "login" command. As of right now whenever I go to this
machine from windows, it asks for a username and password just to get into the
server, not the share. When going to the share as in
\\ip.address\share<file:///\\ip.address\share>, it still goes to a
password prompt. My configuration is as follows:
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
server string = File server
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
password server = DC. DOMAIN.LOCAL
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = No
winbind refresh tickets = Yes
idmap config DOMAIN : range = 10000-20000
idmap config DOMAIN : backend = rid
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[share]
path = /share
valid users = DOMAIN2+chris.culpepper, DOMAIN+test,
DOMAIN2\\chris.culpepper
read only = No
[test]
path = /home
read only = No
guest ok = Yes
I am pretty sure it is something obvious that I missed, but any assistance would
be greatly appriciated!
Under no circumstances should non-public personal information (NPPI) be
transmitted via unsecured e-mail. For your protection do not include account
numbers, social security numbers, passwords or any other NPPI in email messages
sent to MountainOne Financial Partners or its affiliates. Under no circumstances
will we ever make a request of NPPI or financial information via unsecured
e-mail. The information in this e-mail message is legally privileged and
confidential and is intended only for the use of the addressee(s) named above.
If you are not the intended recipient, you are hereby notified that you are not
authorized to use, distribute, or copy this e-mail or its attachments. If you
have received this e-mail in error, please notify the sender as soon as
possible. In addition, please delete the erroneously received message from any
device and/or media where the message is stored.