I have set up SAMBA with Active Directory authentication (Kerberos & nsswitch etc.) on an Ubuntu box and am trying to correctly set up a shared folder on this Ubuntu box so that an Active Directory group of users has read/write/execute permissions (Windows Active Directory domain controller). Unfortunately, my users cannot see or access the shared folder from any client (Windows, Linux or otherwise).

I am sure it is simply my misunderstanding of the correct configuration.

I have Active Directory users (let's call them user1, user2, user3), within an Active Directory group (let's call it group1). They are also, by default, members of the 'domain users' group.

On Ubuntu, the commands wbinfo -u & wbinfo -g as well as getent passwd & getent group can all see the users and groups in question from Active Directory, as expected.

I have a folder on Ubuntu that I created along these lines:

mkdir -p /sharing/folder1
chmod -R 0770 /sharing/
chgrp -R "Domain Users" /sharing/

and within smb.conf:

[Share]
    comment = Folder to share
    path = /sharing/folder1/
    valid users = "@DOMAINNAME\domain users"
    force group = "Domain Users"
    writable = yes
    read only = no
    force create mode = 0660
    create mask = 0777
    directory mask = 0777
    force directory mode = 0770
    access based share enum = yes
    hide unreadable = yes

This works, BUT for any and all Active Directory users. I DON'T want that; I only want the users from group1 in Active Directory to have access to the share and its content.

So, if I try this:

Folder on Ubuntu that I created along these lines:

mkdir -p /sharing/folder1
chmod -R 0770 /sharing/
chgrp -R "group1" /sharing/

and within smb.conf:

[Share]
    comment = Folder to share
    path = /sharing/folder1/
    valid users = "@DOMAINNAME\group1"
    force group = "group1"
    writable = yes
    read only = no
    force create mode = 0660
    create mask = 0777
    directory mask = 0777
    force directory mode = 0770
    access based share enum = yes
    hide unreadable = yes

This does NOT work for any user. What am I doing wrong? What's the difference?

Equally, if I use an individual user, I get hit-and-miss results. I am also unable to use a local Ubuntu user, it seems. Note: I need to use a group as the users may come and go over time.

Any support appreciated. Thanks,
