I was able to install 3.3.8 version of Samba. I am running it now. I
can see shares, but could not write at all.
ACL seems simple but I can't get it to work. Any help or advise would
be greatly appreciated.
Robert LeBlanc wrote:
The changes have not made it into a 3.3.x release yet, 3.3.7 was a
security release, ideally 3.3.8 should have the fix. There were quiet
a number of configuration changes from 3.0.x to 3.3.x in regards to
Active Directory, you may not be able to use you old config without
updating some things.
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez <[email protected]
<mailto:[email protected]>> wrote:
I am using Samba version 3.0.36. When I upgraded to 3.3.7, I got
some "realm" complaints when I run testparm and some "ADS"
related error. The 3.3.7 version is masked by Gentoo portage and
not sure if it will be available soon.
Thanks,
-Ivan
Robert LeBlanc wrote:
What version of samba are you using? I submitted a patch to Samba
that is in 3.4.1 and slated for the next version of 3.3.x that
fixes the workgroup/realm thing. It falls back to SPEGO without
the patch, but it takes a little while, the patch speeds things up.
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson
<[email protected] <mailto:[email protected]>> wrote:
How did you solve the kerberos portion how things, when
winbind tries
to connect to my server the kerberos sessions fails as it
tries to
connect with the workgroup instead of the realm.
Thanks
/Jonathan
On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez
<[email protected] <mailto:[email protected]>> wrote:
>
>
> Jonathan Petersson wrote:
>>
>> Hi Ivan,
>>
>> I'm working on a similar thing but is having some issues
with the
>> kerberos sessions between samba and AD. Is your Samba
server a member
>> of a Win2k8R2 or a Win2k3 domain?
>>
>> Thanks
>>
>> /Jonathan
>>
>> On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez
<[email protected] <mailto:[email protected]>>
>> wrote:
>>
>>>
>>> Robert LeBlanc wrote:
>>>
>>>>
>>>> What are the permissions on /shared/drive? We use ACLs
to control access
>>>> rather than smb.conf. This gives us great flexability
and you can kind
>>>> of
>>>> manage it using a Windows machine. If you have Kerberos
keytab
>>>> generated,
>>>> you can smbmount on Linux using the -o sec=krb5 and no
passwords are
>>>> needed,
>>>> it also obeys ACL. The only catch is that you need to
use RID or LDAP
>>>> for
>>>> uid/gid mapping or else your permissions won't line up.
>>>>
>>>> Robert LeBlanc
>>>> Life Sciences & Undergraduate Education Computer Support
>>>> Brigham Young University
>>>>
>>>>
>>>> On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez
<[email protected] <mailto:[email protected]>
>>>> <mailto:[email protected]
<mailto:[email protected]>>> wrote:
>>>>
>>>> Hello,
>>>>
>>>> We have a Gentoo box running Samba and is a member of
the Active
>>>> Directory domain. This Gentoo box will be a fileserver
when
>>>> everything is completed and setup as it should. I
want our users
>>>> to login to their computer (Computers are all members
of the same
>>>> Active Directory domain) using Active Directory
accounts/domain
>>>> for authentication. I am using Winbind for Active
Directory
>>>> authentication/integration. I'm almost done except
file permission
>>>> issue. All is working smoothly (ie. wbinfo,
smbclient, getent,
>>>> etc.). I can access/map the shared drive on the Gentoo
box from
>>>> any Windows computer, login to a machine without a
problem using
>>>> Active Directory accounts. The Active Directory
authentication
>>>> with Winbind is working as it should.
>>>>
>>>> For some odd reason, I can't figure out how to give
permissions to
>>>> all users the ability to make changes/add new folders
on the
>>>> shared drive. I am getting access denied even when the
users or
>>>> group are valid users of the shared drive per
smb.conf. Below is
>>>> my smb.conf shared configuration:
>>>>
>>>> [shared]
>>>> comment = shared
>>>> path = /shared/drive
>>>> read only = no
>>>> inherit permissions = yes
>>>> create mask = 755
>>>> directory mask = 755
>>>> valid users = @"MYDOMAIN+mygroup"
>>>> browseable = yes
>>>> writable = yes
>>>>
>>>> Any help would be greatly appreciated.
>>>>
>>>> -Ivan
>>>> -- To unsubscribe from this list go to the
following URL and read
>>>> the
>>>> instructions:
https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>>
>>> Hi,
>>>
>>> The files and folders on the shared drive are owned by
local Linux
>>> account.
>>> The permissions are read, write and execute by the
owner, read and write
>>> by
>>> group and all. I was hoping that smb.conf will control
the shared drive
>>> access but having a hard time doing so. I would like to
use ACL if that
>>> is
>>> the best way to make it work. Would you mind giving me
few pointers or
>>> point me to the right direction to get started on ACL? I
am no LDAP
>>> expert
>>> but I think I can get by if I have to use it.
>>>
>>> Thanks!
>>>
>>> -Ivan
>>> --
>>> To unsubscribe from this list go to the following URL and
read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>
> Hi Jonathan,
>
> Our Samba server is a member of Win2k8R2 domain.
> Thanks,
> -Ivan
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
