At the moment I am configuring a test environment with one Microsoft Active Directory server and one openSUSE 11 Samba file-sharing server, but I have an issue. The Samba server has been added to the domain and the servers can communicate with each other. I can log in to the domain on the Samba server, and the LDAP settings tab in the YaST2 Samba configuration tool tells me that Samba and the MS LDAP server can communicate with each other. I can see the shares on the Samba server, but I can't authenticate. When I try to log on, I always see “domain: domainname.local” and “access denied”. My question is: how can I give the MS Administrator account rights to view the shares and to configure the rights for the other users?
Samba config file
# Server-wide settings.
# NOTE(review): this section mixes two roles. "domain logons", "domain master"
# and "passdb backend = ldapsam" describe Samba acting as its own NT4-style
# domain controller, while "realm", the idmap ranges and the winbind option
# describe a member of an Active Directory domain. With "security = user" the
# server checks passwords against its own passdb instead of asking the AD
# domain controller, which is a likely cause of the "access denied" result.
# A member server normally uses "security = ads" with winbind - confirm
# against the Samba documentation for the installed version.
[global]
# Expects the short NetBIOS domain name; the value here is in host@REALM form.
workgroup = WIN-FVJBNQIJE9O@WOENSDRECHT.LOCAL
# ldapsam needs the Samba account schema in the directory; a stock Active
# Directory does not carry it. The ldap:// URI is also plain LDAP - check that
# "ldap ssl" enforces StartTLS so bind credentials are not sent in cleartext.
passdb backend = ldapsam:ldap://win-fvjbnqije9o.woensdrecht.local
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
# Logons with an unknown user name are mapped to the guest account instead of
# being rejected, which hides authentication failures and lets unauthenticated
# clients reach anything that allows guests.
map to guest = Bad User
# Settings from this file are merged in; its contents are not shown here.
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
# Lets user-defined shares be opened without authentication.
usershare allow guests = Yes
add machine script = /sbin/yast /usr/share/YaST2/data/add_machine.ycp %m$
# Domain-controller role settings; these conflict with joining an existing AD
# domain as a member (see the note at the top of this section).
domain logons = Yes
domain master = Yes
security = user
realm = WOENSDRECHT.LOCAL
wins support = Yes
# Must be a full distinguished name; the value here is a bare account name.
# The matching password is kept outside smb.conf (set with "smbpasswd -w").
ldap admin dn = Administrator
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Machines
# Password changes are written to the LDAP server as well, so the LDAP
# connection should be encrypted.
ldap passwd sync = Yes
ldap suffix = dc=woensdrecht,dc=local
ldap user suffix = ou=Users
usershare max shares = 100
# Local uid/gid ranges handed out to domain accounts.
idmap gid = 10000-20000
idmap uid = 10000-20000
template homedir = /home/%D/%U
template shell = /bin/bash
winbind refresh tickets = yes
# NOTE(review): stores id mappings under "ldap idmap suffix" on the AD server;
# presumably that container does not exist there - verify.
idmap backend = ldap:ldap://win-fvjbnqije9o.woensdrecht.local
# Browse-master election settings; with these values the Samba host competes
# with the Windows domain controller for the master browser role.
local master = Yes
os level = 65
preferred master = Yes
# Per-user home shares, created on demand under the user's own name.
[homes]
comment = Home Directories
# Only the user the share is named after may connect, given either as a plain
# name (%S) or domain-qualified (%D domain, %w winbind separator, %S name).
valid users = %S, %D%w%S
# Keeps the share out of browse lists.
browseable = No
read only = No
inherit acls = Yes
# Roaming-profile share; %H resolves to the connecting user's home directory.
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
# Profile files and directories are created owner-only.
create mask = 0600
directory mask = 0700
# Exports all of /home read-write with no "valid users" restriction, so access
# control rests entirely on the filesystem permissions and ACLs of each
# directory below it - review those before exposing this share.
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
# Hides the quota file and the groups/shares directories from clients.
veto files = /aquota.user/groups/shares/
# Group directories under /home/groups, writable for any authenticated user
# that the filesystem permissions and ACLs allow; no "valid users" limit.
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
# Print spool share. Spool files land in /var/tmp, a directory normally shared
# with other local users; create mask 0600 keeps each file owner-only.
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
# Printer-driver download share. Clients install drivers from here, so write
# access is limited to the ntadmin group and root.
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
# Files are created with group ntadmin regardless of the connecting user.
force group = ntadmin
create mask = 0664
directory mask = 0775
# Logon-script share, used only when Samba serves domain logons. Clients run
# what is stored here at logon, so write access stays restricted to root.
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root
# Staff file share (the Dutch comment reads "Files of the employees").
[Files]
comment = Bestanden van de medewerkers.
inherit acls = Yes
path = /winshares/files
read only = No
# Accounts listed here perform every file operation as root, bypassing the
# filesystem permissions and ACLs on this share. Prefer granting rights through
# group membership and ACLs, and drop this line once that works.
# NOTE(review): for accounts resolved through winbind the name is presumably
# domain-qualified (DOMAIN plus separator plus name) - verify against the setup.
admin users = root Administrator
# "writable = Yes" repeats "read only = No" above; with the share already
# writable, the write list below grants nothing extra.
writable = Yes
write list = Administrator