Solved

How to grant NT domain computer accounts access to samba share?

Posted on 2012-03-30
2
799 Views
Last Modified: 2012-03-30
--please no speculations--

Hi experts.

We have a samba share (latest version) on Suse 12. This samba server is a domain member (domain: windows server 2008, please note that the samba server is not a DC) and winbind is up and running. Domain users can access the shares without problems from windows.

What I would like to achieve is that also domain computer accounts (aka computername$) may access that samba share. Until now I could not even find information on if this is even possible without a samba DC.

What I tried so far is:
-put the computer's IP into the hosts allow line of smb.conf (and restart rcsmb)
-fire the command
chown computername\$@domain:domain-users@domain targetfile

Open in new window

(note the "\" for masking the "$") which succeeds and then ll lists:
rw------- 1 domain\computername$      domain\domain-users 64 Dec  5 18:20 targetfile
So far, so good, but access is still denied.

To test the access, I logged on to "computername" and started a shell using psexec -s -i cmd (which impersonates the system account "computername$") and from that shell I tried to read the targetfile ->access denied.

Is it possible? Did anyone ever do that?

--please no speculations--
0
Comment
Question by:McKnife
  • 2
2 Comments
 
LVL 54

Accepted Solution

by:
McKnife earned 0 total points
ID: 37786580
Aaaargh....... :)
I don't believe it... I simply forgot to change the acl on the share itself, did it only on the file.
0
 
LVL 54

Author Closing Comment

by:McKnife
ID: 37787051
Found the solution on my own
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question