[Samba] missing group affiliation on ad dc
- Date: Mon, 8 Oct 2018 17:08:05 +0200
- From: basti mueller via samba <samba@xxxxxxxxxxxxxxx>
- Subject: [Samba] missing group affiliation on ad dc
I've a strange problem. I migrated my NT4 PDC to a ad on my debian stretch (samba version is 4.5.12).
The Domain Controller has some shares for my users.
One user just told me he can't access the share...before the migration he was able to access the share btw! So I checked the ACL's of this share.
root@server:~# getfacl /media/exampleshare
# file: media/exampleshare
# owner: EXAMPLE\134fileadmin
# group: EXAMPLE\134mitarbeiter
After this I did a "groups exampleuser" on my domain controller:
root@server:~# groups exampleuser
exampleuser : EXAMPLE\domain users EXAMPLE\remotedesktop EXAMPLE\mitarbeiter
but there is no "EXAMPLE\sharegroup"....so everything make sense..
anyway.. if I do a "samba-tool group listmembers sharegroup" on my domain controller I see the user in this list! >.<
If I just run RSAT Active Directory User and Computers I see it too! The user is member of the sharegroup.
My domain controller smb.conf
netbios name = PDC
realm = EXAMPLE.COM
workgroup = EXAMPLE
server role = active directory domain controller
bind interfaces only = yes
interfaces = br0
idmap_ldb:use rfc2307 = yes
template shell = /bin/bash
template homedir= /home/%U
dns forwarder = 184.108.40.206
ldap server require strong auth = no
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
winbind offline logon = yes
allow dns updates = nonsecure and secure
log file = /var/log/samba/%m.log
max log size = 10000
log level = 1
Any ideas whats the problem?
To unsubscribe from this list go to the following URL and read the