mdaTRammer
asked on
Samba Share Via AD 2008r2
Hello,
Have a problem that is driving me nuts. I'm not a Linux/Samba expert, but my organization has one Linux Server with one samba share that is used solely for Windows 7 users to read files. A few admins need to read and write to this same share. Our Admins would map a drive by logging in as Linux Server\Admin, rather than ADDOMAIN\Admin.
All was working OK. The samba was a stand alone server joined to the domain. Public users could map a drive to the samba share and read data. The admins could map the drive and add data to the share.
We recently were forced to upgrade our Windows DCs to 2008 R2. Since that time, no one has been able to access the samba share at all. The errors related to permissions or that the network name could not be found. DNS is working properly.
So....I went on the Linux Server (Suse SLES 11.0) and tweaked the Samba (3.2.7). I added ldap information pointing to my 2008 R2 PDC in the Samba Yast section. Reloaded samba services. Now, the mappings are coming back and the share is browsable all day....better than before!
The problem is that the mappings treat everyone as if they are all PUBLIC users, thus giving even admins READ ONLY access. I need the admins to be able to write! I checked all permissions on the Linux box and I can assure you they are correct. I suspect that the LDAP setting needs some sort of group or user mapping. But I don't understand the LDAP backend stuff. All I did was add the ldap address, the user DN and the Admin DN and password.
I don't want the Samba server to be a PDC. I just want the users to be able to login to the Samba share and get proper file permissions. Do I need to map Active Directory groups and users to match the groups and users that are on the local Samba server?
Any suggestions are greatly appreciated.
Happy Holidays
Have a problem that is driving me nuts. I'm not a Linux/Samba expert, but my organization has one Linux Server with one samba share that is used solely for Windows 7 users to read files. A few admins need to read and write to this same share. Our Admins would map a drive by logging in as Linux Server\Admin, rather than ADDOMAIN\Admin.
All was working OK. The samba was a stand alone server joined to the domain. Public users could map a drive to the samba share and read data. The admins could map the drive and add data to the share.
We recently were forced to upgrade our Windows DCs to 2008 R2. Since that time, no one has been able to access the samba share at all. The errors related to permissions or that the network name could not be found. DNS is working properly.
So....I went on the Linux Server (Suse SLES 11.0) and tweaked the Samba (3.2.7). I added ldap information pointing to my 2008 R2 PDC in the Samba Yast section. Reloaded samba services. Now, the mappings are coming back and the share is browsable all day....better than before!
The problem is that the mappings treat everyone as if they are all PUBLIC users, thus giving even admins READ ONLY access. I need the admins to be able to write! I checked all permissions on the Linux box and I can assure you they are correct. I suspect that the LDAP setting needs some sort of group or user mapping. But I don't understand the LDAP backend stuff. All I did was add the ldap address, the user DN and the Admin DN and password.
I don't want the Samba server to be a PDC. I just want the users to be able to login to the Samba share and get proper file permissions. Do I need to map Active Directory groups and users to match the groups and users that are on the local Samba server?
Any suggestions are greatly appreciated.
Happy Holidays
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks very much for the information.