Results 1 to 2 of 2

Thread: Samba, Shares, and AD

  1. #1

    Default Samba, Shares, and AD

    Hi folks. I've just registered here to ask this:

    I've got openSUSE 11.4 x64.
    I've got Samba 3.5.7.
    The point is to hide the shares that are inaccessible to a particular user.

    In a config file, I added the access based share enum = yes parameter, but the problem is that thai it doesn't make any sence: the shares with restricte access are visible by everyone.

    Here's my smb.conf (kind of):
    Code:
            
    [global]
            workgroup = COMPANY
            realm = COMPANY.COM
            server string = MyServer
            netbios name = MyServer
            security = ADS
            map to guest = Bad User
            deadtime = 1
            load printers = No
            printcap name = /dev/null
            disable spoolss = Yes
            show add printer wizard = No
            logon path = \%Lprofiles.msprofile
            logon drive = P:
            logon home = \%L%U.9xprofile
            os level = 0
            local master = No
            domain master = No
            dns proxy = No
            idmap uid = 10000-40000
            idmap gid = 10000-40000
            template shell = /bin/bash
            winbind cache time = 1440
            winbind enum users = Yes
            winbind enum groups = Yes
            winbind use default domain = Yes
            winbind refresh tickets = Yes
            printing = bsd
            cups options = raw
            print command = lpr -r -P'%p' %s
            lpq command = lpq -P'%p'
            lprm command = lprm -P'%p' %j
    
    [TestFolder]
            path = /var/TestDir
            valid users = ivanov, petrov, sidorov
            write list = ivanov, "@Domain Admins"
            create mask = 0666
            directory mask = 0777
            hide unreadable = Yes
            access based share enum = Yes
    Furthermore, an smbclient -k -L MyServer run from a notebook which is not in AD lists all the shares on MyServer.

    The filesystem rights to /var/TestDir are 777, though it shouldn't matter, according to a share enum parameter description in man pages. AD DS are deployed on a Windows Server 2003, wbinfo -g and -u list domain users and groups correctly.

    What am I doing wrong? How to hide shares which are inaccessible to a particular user?

    Thank you.

  2. #2

    Default Re: Samba, Shares, and AD

    I am experiencing the exact same problem and am trying to do the exact same thing. I'm not sure if it truly works. There is a Samba bugzilla case open: https://bugzilla.samba.org/show_bug.cgi?id=8093

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •