[Samba] valid/invalid users not working with samba & windows 2003 AD - Samba

This is a discussion on [Samba] valid/invalid users not working with samba & windows 2003 AD - Samba ; Hi. the samba server is client in a windows 2003 AD managed domain. Got a samba share like this: [Praktikanten] comment = Praktikanten path = /data/Praktikanten read only = No browseable = Yes create mask = 0664 directory mask = ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: [Samba] valid/invalid users not working with samba & windows 2003 AD

  1. [Samba] valid/invalid users not working with samba & windows 2003 AD

    Hi.

    the samba server is client in a windows 2003 AD managed domain.
    Got a samba share like this:

    [Praktikanten]
    comment = Praktikanten
    path = /data/Praktikanten
    read only = No
    browseable = Yes
    create mask = 0664
    directory mask = 0775
    force group = +praktikanten

    Lets take some users:

    user1 is in group praktikanten.
    user2 is in group vpnguests.

    If i add

    valid users = @praktikanten

    no one can connect to the share anymore - even user1 which is member of
    that group.
    If i add to the first example

    invalid users = @vpnguests

    user2 can still connect, but he is in that group.

    user1:

    /etc/samba# id user1
    uid=11659(user1) gid=11616(praktikanten) Gruppen=11616(praktikanten)

    user2:

    /etc/samba# id user2
    uid=16129(user2) gid=16128(vpnguests) Gruppen=16128(vpnguests)


    Something i've missed - reading manpage and docs this should work - but
    doesnt.
    I can even take the usernames (not the group) and it wont work.

    Samba version is latest etch one, 3.0.24-6.
    Any help or hints welcome.

    I can provide some debug logs of any level if someone want to see - tell
    what.

    kind regards


    Torsten

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] valid/invalid users not working with samba & windows 2003 AD

    On Sunday 17 June 2007, Torsten Krah wrote:
    > I need to insert @"DOMAIN\\Group" to get it working - but now it works -
    > anyone got an explanation why i need two "\"?


    probably to escape the \
    otherwise it's seen as a shell character

    Chris
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread