I have a samba share at /share. I am trying to get it to authenticate it to a
single user for right now. It is attached to the domain, and wbinfo -a\-u\-g
all succeed. a login command with a domain user only works after a sucessful
wbinfo -a "DOMAIN\user%password". This user is then able to authenticate using
the "login" command. As of right now whenever I go to this machine from
windows, it asks for a username and password just to get into the server, not
the share. When going to the share as in
\\ip.address\share<file:///\\ip.address\share>, it still goes to a password
prompt. My configuration is as follows:
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
server string = File server
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
password server = DC. DOMAIN.LOCAL
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = No
winbind refresh tickets = Yes
idmap config DOMAIN : range = 10000-20000
idmap config DOMAIN : backend = rid
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[share]
path = /share
valid users = DOMAIN2+chris.culpepper, DOMAIN+test,
DOMAIN2\\chris.culpepper
read only = No
[test]
path = /home
read only = No
guest ok = Yes
I am pretty sure it is something obvious that I missed, but any assistance
would be greatly appriciated!
Under no circumstances should non-public personal information (NPPI) be
transmitted via unsecured e-mail. For your protection do not include account
numbers, social security numbers, passwords or any other NPPI in email messages
sent to MountainOne Financial Partners or its affiliates. Under no
circumstances will we ever make a request of NPPI or financial information via
unsecured e-mail. The information in this e-mail message is legally privileged
and confidential and is intended only for the use of the addressee(s) named
above. If you are not the intended recipient, you are hereby notified that you
are not authorized to use, distribute, or copy this e-mail or its attachments.
If you have received this e-mail in error, please notify the sender as soon as
possible. In addition, please delete the erroneously received message from any
device and/or media where the message is stored.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
