Displaying 7 results from an estimated 7 matches for "ad_group".
Did you mean:
d_group
2009 Apr 29
2
Directory and File Perms
I have a directory shared out via Samba for Quickbooks and seem
to have some issues with permissions. The directory being shared
is a subdirectory in an ext3 partition being mounted with the acl
option.
It has been setup as follows:
chown root:DOMAIN\AD_Group /mnt/Intuit_Data/
chmod 2770 /mnt/Intuit_Data/
And the Samba share config is has:
create mask = 0660
directory mask = 0770
So when a user creates a file from their Windows box through Explorer
or any other app, it gets perms as you might expect:
-rw-rw---- 1 Domain+jcasale DOM...
2016 Sep 09
0
CentOS 6.8 and samba
...8. Verify the contents of the Kerberos keytab file:
klist -ke
9. Add a share that has access restricted to an Active Directory group:
a. mkdir /data
b. vi /etc/samba/smb.conf
After the [homes}, section add the following text:
[data]
comment = Data Directory
path = /data
valid users = @"DOMAIN\AD_Group"
writable = yes
browseable = yes
Substitute DOMAIN\AD_Group with an AD group that will be accessing this share.
c. /etc/init.d/smb restart
10. Enable home directory creation
a. system-config-authentication
b. In the Advance Options tab, check the "Create home directories on the first logi...
2016 Sep 09
2
CentOS 6.8 and samba
I have another samba server and upgraded it to samba4. testparm returns clean with the old config (ROLE_DOMAIN_PDC) and starts up fine. smbclient seems to work fine.
The next thing now is to try and make it a domain member so it can auth against AD.
Thanks, Andrew, I appreciate the pointers.
2016 Apr 07
0
centos samba sssd active directory
...method = secrets and keytab
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind refresh tickets = yes
To use the "valid users" directive, I have to deal with the AD SIDs. You can get it by running :
$ wbinfo --name-to-sid ad_user
$ wbinfo --name-to-sid ad_group
The RID idmap backend doesn't work as expected. So I use the NSS backend :
idmap config MYDOMAIN : backend = nss
idmap config MYDOMAIN : range = 10000-99999
idmap config * : backend = tdb
idmap config * : range = 100000-999999
And in /etc/nsswitch.conf :
passwd: files sss
shadow: files sss...
2016 Apr 07
3
centos samba sssd active directory
Hello all,
Im having the latest centos that should be integrated into win 2012 active directory domain.
Im having Authentication running, an AD user can login via ssh, getent and id working
But Im not able to get the samba shares running with AD
[sfu-erp]
comment = Mandant
path = /share
# ; valid users = @"RZ-DOMAIN\linuxtest" @"RZ-DOMAIN\linuxtest"
valid users =
2014 Feb 15
2
Samba 4.1.4 nsswitch/winbind issues
The two domain controllers (Debian) and the member server (CentOS) are all
running Samba 4.1.4 from the sernet packages. The member server I am
testing from was fully patched as of this morning.
Things that work:
- wbinfo -u
- wbifno -g
- getent group {ad_group}
Things that don't work:
- getent passwd {any_ad_user}
- getent group
- getent passwd
I jacked up the winbindd debug level to 9, and did some testing.
# wbinfo -n doug
S-1-5-21-1317801521-1647347728-1419337603-1104 SID_USER (1)
# wbinfo -S S-1-5-21-1317801521-1647347728-1419337603...
2011 Sep 20
1
getent group not listing domain groups / wbinfo -r not working
I know, I know, this again :)
The company I work for would like to use squid for proxy authentication
purposes using NTLM, using a Windows 2008 R2 server as a DC. I've
managed to setup samba/winbind to use ads and successfully joined the
domain. Configured nsswitch.conf to lookup winbind entities (however I
didn't touch PAM configuration, as I don't actually want the users to be
able