Hi all,
Hi have samba setup and working (kind of…) on OpenSuse 11.1.
My server is part of an AD domain, to which it is correctly joined. Authentication is done via active directory, windbind works.
I have some shares set up correctly with valid users = "@MYDOMAIN+somegroup"
, and all domain users can access them correctly.
I have created a new group in active directory and added myself in it.
I created a new share in samba with valid users = "@LOCAL+newgroup"
I cannot access this share (on my windows box, I have an authentication window that pops-up".
I checked the samba log of my workstation (in /var/log/samba/myipaddress), and I have this :
[2009/02/11 09:08:12, 3] lib/util_sid.c:string_to_sid(228)
string_to_sid: Sid @MYDOMAIN+newgroup does not start with ‘S-’.
[2009/02/11 09:08:12, 2] smbd/service.c:make_connection_snum(736)
user ‘MYDOMAIN+myself’ (from session setup) not permitted to access this share (test)
[2009/02/11 09:08:12, 3] smbd/error.c:error_packet_set(61)
error packet at smbd/reply.c(696) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED
If I change valid users = "@LOCAL+newgroup"
to valid users = "@LOCAL+someoldgroup"
in my smb.conf, if works OK.
I thought that “idmap uid” or “idmap gid” could be set incorrectly, but I have them at “1200 20000” both, and I don’t see any other user/group in this range in /etc/passwd.
Any idea ?
Thanks a lot !