Hi all,

I'm attempting to integrate Samba 4.2.3 with IPA 4.2 (RHEL7).  I have a 
kerberos trust established between IPA and AD.  I have followed the 
instructions on the wiki [1], but had some questions and problems specifically 
related to share permissions:

I'm having trouble with shares where I need to grant access to a specific AD 
user/group.  I have tried this and other variations with no success:

[shared]
        path = /home/shared
        writable = yes
        browsable = yes
        valid users = testsa...@ad.domain.lan

I have also tried:

        valid users = ad\testsamba
        vaild users= @ad\testsamba
        valid users= @testsa...@ad.domain.lan
        

What is the proper way to allow specific AD groups access to the Samba share?  
I also tried nesting an external group in a POSIX group with no success.  
Should I be using something other than 'valid users'?

 [1] http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA

Thanks,

Josh

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to