On 29/03/2021 09:52, Maurizio Caloro via samba wrote:> Hello > > I think, I have done and read my homework, but after try to implement, this > was fail. > > share "/shares/GroupData01" is visible, still no access with users > > group caragfileshare. thanks for any help. > > Regards > > Maui > > # Debian Buster 10.8, AD 4.13.2 > > # Debian Buster 10.8, Fileserver smbd --version Version 4.9.5-Debian > > > > smb.conf > > [global] > > -snip- >Please unsnip your smb.conf. Rowland
>Please unsnip your smb.conf. >Rowlandcat smb.conf [global] workgroup = CARAG security = ADS realm = CARAG.LOCAL dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab server string = Samba Client %h winbind use default domain = yes winbind expand groups = 2 winbind refresh tickets = Yes winbind offline logon = yes dns proxy = no idmap config * : backend = tdb idmap config * : range = 3000-7999 idmap config CARAG : backend = rid idmap config CARAG : range = 10000-999999 template shell = /bin/bash template homedir = /home/%U domain master = no local master = no preferred master = no host msdfs = no # user Administrator workaround, without it you are unable to set privileges username map = /etc/samba/user.map # For ACL support on domain member vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes # Share Setting Globally unix extensions = no reset on zero vc = yes hide unreadable = yes # disable printing completely load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes # logging log level = 0 max log size = 1000 [USERHOME] path = /shares/Userhome/ read only = no force create mode = 0600 force directory mode = 0700 [DATA] path = /shares/data writable = yes read only = no guest ok = yes create mask = 0666 force create mode = 0666 directory mask = 0777 force directory mode = 0777 [GroupData01] path = /shares/GroupData01 read only = no valid users = @caragfileshare write list = @caragfileshare vfs objects = zfsacl nfs4:mode = simple thanks Mauri