+ Post New Thread
Results 1 to 7 of 7
*nix Thread, Authenticating Samba Shares against AD in Technical; Hi All, I have been managing unix web servers for a long time now, however I'm deploying a Baccalaureate Portfolio ...
  1. #1

    Join Date
    Nov 2011
    Location
    Middlesbrough
    Posts
    23
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Authenticating Samba Shares against AD

    Hi All,

    I have been managing unix web servers for a long time now, however I'm deploying a Baccalaureate Portfolio web app I've developed for us into the network. Im running it on a Ubuntu 11.10 server, and I'm having problems with the Samba shares (first time I've used samba)..

    Ive set up a simple share in samba.conf

    Code:
    [BaccData]
        comment = Bacc Admin Access
        path = /baccdata
        browsable = yes
        guest ok = yes
        read only = no
        create mask = 0755
    I need to somehow configure this on a AD OU basis, so the students have no access to this share, but the admin and SMT OUs do. I have absolutely no idea how to go about doing this, and all my googling turned up zilch. I tried binding Samba to AD in Webmin but that just spat its dummy out at me.

    If anyone has any pointers, or even links to an article that will give me some sort of idea what I'm doing that would be greatly appreciatedn- again linux isn't anything new to me, so if I have a small clue what to do I should be able to figure the rest out for myself!

    Cheers

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    I put together a howto with samba here:
    Samba Homedirectory - Wiki

    I think the bits you want to look at in more detail are the ACL support, and valid users.
    ACL support on the filesystem allows you you use setfacl to set NTFS style permissions -ie how you to allow shares on a per user basis.
    you'd probably need to do this on a group basis rather than OU, but it is fairly trivial to make OU members of groups.

    also look at
    Code:
    valid users =
    where you could use @"DOMAIN\domain^admins" for example.

  3. #3

    Join Date
    Nov 2011
    Location
    Middlesbrough
    Posts
    23
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Ill have a look into it, cheers mate

  4. #4

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,786
    Thank Post
    272
    Thanked 1,130 Times in 1,026 Posts
    Rep Power
    348
    Just Another pointer - if you are going to host production software I would personally only run it on LTS versions of Ubuntu (currently 10.04) soon to be 12.04. You then have support/update for the os longer then with the minor releases

  5. #5

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,611
    Thank Post
    1,226
    Thanked 772 Times in 670 Posts
    Rep Power
    234
    Quote Originally Posted by brad82 View Post
    If anyone has any pointers, or even links to an article that will give me some sort of idea what I'm doing that would be greatly appreciatedn- again linux isn't anything new to me, so if I have a small clue what to do I should be able to figure the rest out for myself!
    There's this thread, where I stumble around doing the same sort of thing you're doing now:

    Configuring Samba

  6. #6

    Join Date
    Nov 2011
    Location
    Middlesbrough
    Posts
    23
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by glennda View Post
    Just Another pointer - if you are going to host production software I would personally only run it on LTS versions of Ubuntu (currently 10.04) soon to be 12.04. You then have support/update for the os longer then with the minor releases
    I will still be around when 12.04 hits, so ill upgrade to that when it hits the release, then leave it at that until the next LTS.. I just happened to have an image of another ready to deploy LAMP stack laying around so I deployed that as I'm lazy!

    Also cheers David - I shall have a read tomorrow when I'm back in front of PuTTY!
    Last edited by brad82; 2nd February 2012 at 11:43 PM.

  7. #7


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by dhicks View Post
    There's this thread, where I stumble around doing the same sort of thing you're doing now:

    Configuring Samba
    wow, that was a blast from the past. Means I've been running the same system (notwithstanding new hardware and OS upgrades) for 3.5 yrs now.
    About time I had another look at new samba features!

SHARE:
+ Post New Thread

Similar Threads

  1. Authenticate IIS against AD transparently
    By FN-GM in forum Web Development
    Replies: 19
    Last Post: 22nd September 2010, 10:53 PM
  2. Replies: 1
    Last Post: 4th November 2009, 05:30 PM
  3. Replies: 24
    Last Post: 15th April 2008, 09:54 AM
  4. Samba Shares!
    By Mintsoft in forum *nix
    Replies: 9
    Last Post: 2nd October 2007, 12:05 PM
  5. Samba share
    By apeo in forum *nix
    Replies: 17
    Last Post: 16th July 2007, 12:21 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •