[Freeipa-users] Samba Integration with AD Trust
Baird, Josh
jbaird at follett.com
Tue Mar 22 18:49:43 UTC 2016
Hi all,
I'm attempting to integrate Samba 4.2.3 with IPA 4.2 (RHEL7). I have a kerberos trust established between IPA and AD. I have followed the instructions on the wiki [1], but had some questions and problems specifically related to share permissions:
I'm having trouble with shares where I need to grant access to a specific AD user/group. I have tried this and other variations with no success:
[shared]
path = /home/shared
writable = yes
browsable = yes
valid users = testsamba at ad.domain.lan
I have also tried:
valid users = ad\testsamba
vaild users= @ad\testsamba
valid users= @testsamba at ad.domain.lan
What is the proper way to allow specific AD groups access to the Samba share? I also tried nesting an external group in a POSIX group with no success. Should I be using something other than 'valid users'?
[1] http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA
Thanks,
Josh
More information about the Freeipa-users
mailing list