Could you please confirm how you provisioned samba4, post a sanitized
version of your smb.conf and explain just what you are hoping to achieve.
Ok, I will do that.
I want to use samba4
1. as an active directory domain controller
2. as a file server providing diefferent shares for different windows
users/groups.
To do so I used the samba provision script to set up samba as AD DC.
Works fine.
Then I read about restrctioning shares to win users/groups with:
valid users = @SAMDOM\SCHUELER
This is not working. When a user in the win group SCHUELER is accessing
a share he gets a popup window with username /password saying that the
acces was denied to this share.
smb.conf
# Global parameters
[global]
workgroup = SAMDOM
realm = SAMDOM.EXAMPLE.COM
netbios name = ULI-SD30V10
server role = active directory domain controller
dns forwarder = 192.168.25.254
# security = ads
password server = 192.168.25.133
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
winbind use default domain = yes
[netlogon]
path = /usr/local/samba/var/locks/sysvol/samdom.example.com/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[schueler]
path = /data/schueler
comment = Schueler
read only = no
valid users = @SAMDOM\SCHUELER
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
