Samba + Active Directory-s Domain

Hahó!

Samba szervert beléptettem domain-ba, amiben egy AD van.

# net ads testjoin
Join is OK

getent passwd, getent group hozza az adatokat rendesen az AD-ból (winbind).

De ez nem megy:

# smbclient //testsamba1/temp -U testuser
Password:
Domain=[DOMAIN] OS=[Unix] Server=[Samba 3.0.33-3.7.el5_3.1]
tree connect failed: NT_STATUS_ACCESS_DENIED

Ha rossz jelszót adok meg:

# smbclient //testsamba1/temp -U testuser
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

A konfig:

#======================= Global Settings =====================================

[global]
netbios name = NAGYBIVALY
netbios aliases = TESTSAMBA1,TESTSAMBA2
server string = Samba Server Version %v

workgroup = DOMAIN
password server = ad2 ad1 ad
realm = DOMAIN.LOCAL
security = ads

idmap domains = DOMAIN
idmap config DOMAIN: default = yes
idmap config DOMAIN: backend = rid
idmap config DOMAIN: range = 2000-200000

template shell = /bin/false
winbind use default domain = yes
winbind offline logon = yes
winbind enum users = yes
winbind enum groups = yes
admin users = Rendszergazda

name resolve order = host wins lmhosts bcast

bind interfaces only = yes
interfaces = 172.17.0.30/16 172.17.0.31/16 172.17.0.32/16
hosts allow = 127. 172. 10.

max log size = 50

template homedir = /samba/profiles/%U

load printers = no

dos charset = CP850
unix charset = ISO-8859-2
display charset = ISO-8859-2

#============================ Share Definitions ==============================

[temp]
browseable = yes
path = /samba/temp
comment = Helpdesk temporary dir (teszt)
valid users = @testgrp
write list = @testgrp
public = no
writable = yes
printable = no
force group = testgrp
create mask = 0770
directory mode = 0770

testuser tagja a testgrp csoportnak.

A disk-en a könyvtár igy néz ki:

drwxrws--- 2 rendszergazda testgrp 4096 szept 22 15.05 temp

Az opsys: Centos 5.3 x86_64

Teljesen elvesztettem a fonalat, segítsetek,kérlek.