On 12/12/15 08:53, VigneshDhanraj G wrote:
> sorry for the late response Rowland,
>
> I didn't change the smb.conf with the same smb.conf, i configured new
> AD that works fine. Do you need to change the smb.conf could you
> please tell me what i need to change specifically. And i also suspect
> that problem with my AD server. But i am not able to find the exact
> problem, The confusion is Ftp works with same pam working fine but
> cifs always shows access denied. if password is wrong it shows Wrong
> password.
>
> Regards,
>
> Vigneshdhanraj G
>
> On Thu, Dec 10, 2015 at 2:41 PM, Rowland penny <
rpe...@samba.org
> <mailto:
rpe...@samba.org>> wrote:
>
> On 10/12/15 07:49, VigneshDhanraj G wrote:
>
> Hi,
>
> This issue not solved, ftp and cifs using same way of
> authentication. but
> when trying to access cifs it always shows the same
> ACCESS_DENIED error.
>
> Regards,
>
> Vigneshdhanraj G
>
>
> On Tue, Nov 3, 2015 at 6:36 PM, Rowland Penny
> <
rowlandpe...@gmail.com
> <mailto:
rowlandpe...@gmail.com>>
Lets be honest, your original smb.conf was a mess, it uses a lot of
default settings and a lot of settings that really shouldn't be there,
this is what it really should have looked like:
[global]
Workgroup= DOMAIN
security= ADS
realm= DOMAIN.LOCAL
netbios name= Debian
server string= LenovoEMC™ px6-300d
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
idmap config *:backend = tdb
idmap config *:range = 2000-4999
idmap config DOMAIN:backend = rid
idmap config DOMAIN:range = 5000-9999999
winbind nss info = template
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = Yes
winbind offline logon= true
dns proxy= no
template shell= /bin/sh
map to guest= Bad User
strict allocate= yes # really meant to be used in a share
printcap name = lpstat
max smbd processes= 500
syslog= 0
max log size= 50
use sendfile= yes
unix extensions= no
state directory= /mnt/system/samba/system # why are you moving this
to what I presume is a share
on another system?????
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
The 'tabbed' lines are yours, the others are what I would add.