What are the permissions on /shared/drive? We use ACLs to control access rather than smb.conf. This gives us great flexability and you can kind of manage it using a Windows machine. If you have Kerberos keytab generated, you can smbmount on Linux using the -o sec=krb5 and no passwords are needed, it also obeys ACL. The only catch is that you need to use RID or LDAP for uid/gid mapping or else your permissions won't line up.
Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez <[email protected]> wrote: > Hello, > > We have a Gentoo box running Samba and is a member of the Active Directory > domain. This Gentoo box will be a fileserver when everything is completed > and setup as it should. I want our users to login to their computer > (Computers are all members of the same Active Directory domain) using Active > Directory accounts/domain for authentication. I am using Winbind for Active > Directory authentication/integration. I'm almost done except file permission > issue. All is working smoothly (ie. wbinfo, smbclient, getent, etc.). I can > access/map the shared drive on the Gentoo box from any Windows computer, > login to a machine without a problem using Active Directory accounts. The > Active Directory authentication with Winbind is working as it should. > > For some odd reason, I can't figure out how to give permissions to all > users the ability to make changes/add new folders on the shared drive. I am > getting access denied even when the users or group are valid users of the > shared drive per smb.conf. Below is my smb.conf shared configuration: > > [shared] > comment = shared > path = /shared/drive > read only = no > inherit permissions = yes > create mask = 755 > directory mask = 755 > valid users = @"MYDOMAIN+mygroup" > browseable = yes > writable = yes > > Any help would be greatly appreciated. > > -Ivan > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
