Using Samba for AD and file sharing

Solution 1:

If you don't want AD logins to be used for anything Samba related, can you change your Samba security mode to "user" or even "share" level permissions? That way you can leverage your built-in accounts for Samba but keep the AD stuff for logins. Or maybe I misunderstood what you were asking.

I have local accounts on my servers, but I also use AD for Samba. What I end up doing is blocking the shares down to group level with the AD permissions by using these parameters on the shares:

valid users = "+AD\Group Name"
force group = "+AD\Group Name"

That way other users can't even browse the contents of the shares. It seems to honor nested groups too, so we can make AD groups be members of other groups and that way be very granular in what we open up to the users.
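
Added example, not part of the original answer: a small audit that parses an smb.conf and reports shares that are not restricted with "valid users" as described above, or that allow guest access. The sample config, share names, paths and group names are constructed for illustration, and the parser handles only plain "name = value" lines (no includes or line continuations).

```python
import re

# Constructed sample config; share names, paths and AD groups are made up.
SAMPLE_SMB_CONF = r'''
[global]
   security = ads
[finance]
   path = /srv/finance
   valid users = "+AD\Finance Staff"
   force group = "+AD\Finance Staff"
[scratch]
   path = /srv/scratch
[public]
   path = /srv/public
   valid users = "+AD\Domain Users"
   guest ok = yes
'''

def parse_shares(text):
    """Return {section: {param: value}}. Names are normalised the way Samba
    treats them: case-insensitive, internal whitespace ignored."""
    shares, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            current = shares.setdefault(m.group(1).strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current["".join(key.lower().split())] = value.strip()
    return shares

def audit(text):
    """Return {share: [findings]} for shares not locked to named users/groups."""
    sections = parse_shares(text)
    defaults = sections.pop("global", {})  # [global] values are share defaults
    findings = {}
    for name, own in sections.items():
        params = {**defaults, **own}
        issues = []
        if not params.get("validusers"):
            issues.append("no valid users restriction")
        # "public" is a synonym for "guest ok"
        if params.get("guestok", params.get("public", "no")).lower() in ("yes", "true", "1"):
            issues.append("guest access enabled")
        if issues:
            findings[name] = issues
    return findings

print(audit(SAMPLE_SMB_CONF))
```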