Hello
Today I installed the latest CentOS 7 and the latest Centrify Express. I then installed the latest Adbindporxy using the link below
http://community.centrify.com/t5/TechBlog/Server-Suite-2016-Samba-with-adbindproxy/ba-p/24052
I am to browse to the samba-test share that was created during the above link through windows explorer. however when I double try to enter the share I get a message stating I do not have permissions.
My smb.conf is as follows. Its pretty much the default file and any modifications were done during the installation of adbindproxy.
Thanks
#
# This file was generated by Centrify ADBindProxy Utility
#
[global]
security = ADS
realm = BANDS.BROTHERSANDSISTERS.CO.UK
workgroup = BANDS
netbios name = bass11
auth methods = guest, sam, winbind, ntdomain
machine password timeout = 0
passdb backend = tdbsam:/var/lib/samba/private/passdb.tdb
#
# Samba versions 3.4.0 and newer have replaced "use kerberos keytab"
# with "kerberos method". The directive "kerberos method = secrets and keytab"
# enables Samba to honor service tickets that are still valid but were
# created before the Samba server's password was changed.
#
kerberos method = secrets and keytab
#
# Setting "client use spnego principal" to true instructs SMB client to
# trust the service principal name returned by the SMB server. Otherwise,
# client cannot be authenticated via Kerberos by the server in a different
# domain even though the two domains are mutually trusted.
#
# client use spnego principal = true
#
# Setting send spnego principal to yes .
# Otherwise, it will not send this principal between Samba and Windows 2008
#
# send spnego principal = Yes
# If your Samba server only serves to Windows systems, try server signing = mandatory.
server signing = auto
client ntlmv2 auth = yes
client use spnego = yes
template shell = /bin/bash
winbind use default domain = Yes
winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes
idmap cache time = 0
# ignore syssetgroups error = No
idmap config * : backend = tdb
idmap config * : range = 1000 - 200000000
idmap config * : base_tdb = 0
enable core files = false
# Disable Logging to syslog, and only write log to Samba standard log files.
#syslog = 0
[samba-test]
path = /samba-test
public = yes
# if set public = No, we should set parameter valid users .
# and when the user or group is in AD , the setting syntaxes is:
# valid users = BANDS\user +BANDS\group
writable = yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
create mask = 0664
directory mask = 0775