Hi, On Fri, 2008-06-06 at 17:26 -0400, mslist at opcenter.net wrote: > I have setup a new server centos 5.1 server as a storage > server with over 7TB of storage. The server has been > integrated into a large Active Directory network there are > 5 primary AD servers and a large number of local AD server > at each location (over 20). There are also over 15 trusted > domains hundreds of groups and thousands of users. It has > been quite a challenge to integrate the Linux server with > Samba into this incitement. I am now at a point where I > can change user and group ownership of filed and folders > at AD users and connect to the server with a windows > client. > > There are also issues with Samba not starting on bootup > (yes the service is set to start at level 3 – system > starts non GUI). And it seems to take quite a while for > system to recognize domain users on startup. > > The [TEST] share works with out issue. > The [TEST-ENG] share is not working no matter what I do. > > The issue that I am having is that most of the groups have > a ‘@’ at the beginning. > Ie: @DIV-Engineering > This conflicts with the Samba “valid users = “ directive > in the smb.conf. > > I have been able to change the group ownership to > “@DIV-Engineering” in the file-system without any issues. > > > Is there any way to do this? > > > [global] > workgroup = XXX > realm = XXX > server string = Samba Server Version %v > security = ADS > auth methods = guest, sam, winbind > obey pam restrictions = Yes > password server = nycbcc01.xxx.ad.xxx.net > # winbind separator = \\ > # passdb backend = tdbsam > wins server = 192.20.76.98 > ldap ssl = no > winbind use default domain = yes > idmap uid = 10000-100000 > idmap gid = 10000-100000 > winbind enum users = Yes > preferred master = no > encrypt passwords = yes > template homedir = /home/samba/%D/%U > cups options = raw > > [homes] > comment = Home Directories > read only = No > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > printable = Yes > browseable = No > > [TEST] > path = /home/samba/shares/TEST > valid users = @"XXX\Domain Users" > force group = "XXX\domain users" > read only = No > create mask = 0774 > force create mode = 0775 > directory mask = 0775 > force directory mode = 0770 > force directory security mode = 0770 > > [TEST-ENG] > path = /home/samba/shares/TEST > valid users = @"XXX\@DIV-Engineering" > force group = "XXX\@DIV-Engineering" > read only = No > create mask = 0774 > force create mode = 0775 > directory mask = 0775 > force directory mode = 0770 > force directory security mode = 0770 Having a quick glance at the config I remember I had a sort of same issue, set your winbind seperator character to something like '#' and do the same in the valid users and groups and it should give you more working stuff ;) The \ character is a line break which tells samba to continue reading the config on the next line including spaces and linebreaks... regards, Michel