Re: [Samba] Samba and AD based home shares are visible but not accessible
- Date: Tue, 11 Jul 2017 18:43:17 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Samba and AD based home shares are visible but not accessible
On Tue, 11 Jul 2017 17:20:05 +0000
"Cybulski, Adam M" <acybulski@xxxxxxxxxx> wrote:
> That’s a very discouraging answer. I'm really struggling to get the
> hang of this server, and doing a lot of reading and research, I'm
> using SSSD because it seemed to be the best method for allowing an AD
> group log in privileges on the machine, it's recommended by Red Hat,
> and it's what came packaged with my distro.
Yes, red-hat promote sssd, because it is their package. I don't
actually think it is the best method for authentication on a Samba
machine. Are you also aware that sssd uses a version of a winbind lib ?
So why not go the whole way and use winbind, this will get you a fully
supported by Samba set up.
> It took me three weeks
> to make it work for authenticating users, and now I'm being told it
> won't work if I also want to share a folder? These things should not
> be this difficult to integrate.
You should have asked here earlier, I can guarantee that you would have
had a working system (with winbind) well inside your three weeks.
> Someone else has pointed out to me that the issue most likely lies in
> configuring ACL's, as I can connect to the system and see the shares,
> but do not have permissions to open them. I've added the needed lines
> to my SMB.conf, mapped an admin account to root, and added interfaces
> = lo eth0 so it will look on the loop back, but when I try to add
> anyone with
> >sudo net rpc rights grant 'domain\linuxproject'
> >SeDiskOperatorPrivilege -U domain\admin I constantly get:
> Could not connect to server 127.0.0.1
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
> I really hope you can give me some more advice beyond, throw out
> everything and start over with winbind.
The only user you should map to 'root' is 'Administrator'.
Does your OS know your user, i.e. does 'getent passwd admin' return
If you want to use winbind, then I am prepared to try and help you get
it working, if you insist on using sssd, then I repeat, sssd is not
supported by Samba, it is not a Samba product, so you will have to seek
help through the sssd-users mailing list.
To unsubscribe from this list go to the following URL and read the