Topic
  • 9 replies
  • Latest Post - ‏2013-09-04T17:43:42Z by jgt157
jgt157
jgt157
7 Posts

Pinned topic Samba and Active Directory set up

‏2013-06-26T19:23:47Z | samba

Is this the proper place to ask a question about setting up samba on aix with active directory?

  • GarlandJoseph
    GarlandJoseph
    167 Posts

    Re: Samba and Active Directory set up

    ‏2013-06-26T20:40:16Z  

    It can't hurt.

  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-06-27T20:50:36Z  

    Cool... Here's the scenario, I've set up pware64 samba on an AIX 6.1 system and have joined it to an AD domain.  The problem the set up is having is that users in the groups with full access (read, write and delete access) aren't able to write a file to the shares or delete a file unless I change the permissions of the directory to 777 (They were 775.)  The smb.conf file has the share set up for 775 access.  Can I add the groups to AIX so the users in the groups can access the shares at the group permissions level rather than the other permissions level.  If so, how should it be done? I hope I've explained this well enough.  Let me know if you want me to post the smb.conf file or any other information needed.  Thanks for the help.

  • GarlandJoseph
    GarlandJoseph
    167 Posts

    Re: Samba and Active Directory set up

    ‏2013-07-16T21:25:05Z  
    • jgt157
    • ‏2013-06-27T20:50:36Z

    Cool... Here's the scenario, I've set up pware64 samba on an AIX 6.1 system and have joined it to an AD domain.  The problem the set up is having is that users in the groups with full access (read, write and delete access) aren't able to write a file to the shares or delete a file unless I change the permissions of the directory to 777 (They were 775.)  The smb.conf file has the share set up for 775 access.  Can I add the groups to AIX so the users in the groups can access the shares at the group permissions level rather than the other permissions level.  If so, how should it be done? I hope I've explained this well enough.  Let me know if you want me to post the smb.conf file or any other information needed.  Thanks for the help.

    Did you resolve this issue yet?   Writes are successful when you set other to read-write-exec (7) so owner and group aren't being respected.   Question: When the users on the windows side map or connect to the samba share, do they actually get a window to specify the credentials (username password with respect to active directory) information...or does it just open up the share.?  If they do get a credentials windows, what is the result of that authentication...check both active directory server and samba logs.  

    Updated on 2013-07-16T21:26:58Z at 2013-07-16T21:26:58Z by GarlandJoseph
  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-07-17T18:17:30Z  

    Did you resolve this issue yet?   Writes are successful when you set other to read-write-exec (7) so owner and group aren't being respected.   Question: When the users on the windows side map or connect to the samba share, do they actually get a window to specify the credentials (username password with respect to active directory) information...or does it just open up the share.?  If they do get a credentials windows, what is the result of that authentication...check both active directory server and samba logs.  

    Thanks for the reply.  I'll check with the customer and see if they are prompted or not.

  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-07-18T14:40:52Z  

    Did you resolve this issue yet?   Writes are successful when you set other to read-write-exec (7) so owner and group aren't being respected.   Question: When the users on the windows side map or connect to the samba share, do they actually get a window to specify the credentials (username password with respect to active directory) information...or does it just open up the share.?  If they do get a credentials windows, what is the result of that authentication...check both active directory server and samba logs.  

    No, the users aren't prompted for a password.

  • GarlandJoseph
    GarlandJoseph
    167 Posts

    Re: Samba and Active Directory set up

    ‏2013-07-18T15:06:55Z  
    • jgt157
    • ‏2013-07-18T14:40:52Z

    No, the users aren't prompted for a password.

    samba, aix and active directory are tough...could not solve this one without being able to hack at it...check out this article..it illustrates some of the complexities...http://community.centrify.com/t5/Centrify-enabled-Samba/Active-Directory-login-issues-with-AIX-WIN2k8-Centrify-Samba-and/td-p/6250

  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-07-18T15:38:51Z  

    samba, aix and active directory are tough...could not solve this one without being able to hack at it...check out this article..it illustrates some of the complexities...http://community.centrify.com/t5/Centrify-enabled-Samba/Active-Directory-login-issues-with-AIX-WIN2k8-Centrify-Samba-and/td-p/6250

    Thank you.  I'll read through it and see if I can figure it out.  

  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-08-23T19:36:43Z  

    samba, aix and active directory are tough...could not solve this one without being able to hack at it...check out this article..it illustrates some of the complexities...http://community.centrify.com/t5/Centrify-enabled-Samba/Active-Directory-login-issues-with-AIX-WIN2k8-Centrify-Samba-and/td-p/6250

    This article is for the version that Centrify puts out and looks interesting, but, unfortunately, the version for AIX 6.1 is not free and I don't think our customer will want to pay for this service.  Can anyone else help with this subject?

    FYI, their AIX 7.1 version is free.

    Thanks,

     

    Jim Thompson

  • jgt157
    jgt157
    7 Posts

    Re: Samba and Active Directory set up

    ‏2013-09-04T17:43:42Z  

    I"m having problems with luser seeing winbind on my server.  The luser -R WINBIND ALL returns error "Invalid -R option "WINBIND"".  It's listed in /usr/lib/security/methods.cfg and in /etc/security/user "SYSTEM = "compat or WINBIND".  Any idea why lsuser -R would consider WINBIND an invalid option?