[SOLVED] Permissions issue between Samba and AD

Come here to share your tips and tricks for using Samba4
Locked
A_digital
Messages: 1
Registration: June 8, 2021 - 3:45 PM

June 8, 2021 - 3:57 PM

Hello everyone,

I am unable to access the Samba file shares with any users of the Windows AD other than those in the "Administrators" group.

RWDC: Windows 2019
- Forest: 2008 R2

File server: Debian 10

I followed this tutorial: https://dev.tranquil.it/samba/fr/samba_ ... pendencies

# /etc/samba/smb.conf

Code: Select all

[global]
  workgroup = LAB
  security = ADS
  realm = LAB.DOM
  winbind separator = +
  idmap config *:backend = tdb
  idmap config *:range = 700001-800000
  idmap config LAB:backend  = rid
  idmap config LAB:range  = 10000-700000
  winbind use default domain = yes
  winbind enum users = yes
  winbind enum groups = yes
  vfs objects = acl_xattr
  map acl inherit = Yes
  template homedir = /home/homes/%U

[partages]
  path = /home/partages
  read only = no
# /etc/krb5.conf

Code: Select all

[libdefaults]
        dns_lookup_realm = false
        dns_lookup_kdc = true
        default_realm = LAB.DOM
$: wbinfo -u

Code: Select all

administrateur
invité
krbtgt
krbtgt_24540
j.tend
j.pierre
b.dupuit
m.nette
krbtgt_26021
...
Thanks in advance !
High
User avatar
dcardon
WAPT Expert
Messages: 1930
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

June 15, 2021 - 12:14

There's the chmod and chown options, which by default limited access to administrators and domain admins (this had to be adjusted by the admin). I've set it to the default for domain users.
https://dev.tranquil.it/samba/fr/samba_ ... ebian.html
Regards,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
Locked

Return to "Tips and Tricks"


  • To go further with WAPT