I'm running Samba 3.4.7 with Likewise Open 6.0.0.8388 on Ubuntu 10.04 Server x64. This server is joined to a domain (functional level 2003) run by 2008R2 domain controllers. In a Windows server, I can grant permission for a folder and/or share to a computer account (represented by computername$). This allows services/processes running under the SYSTEM account to access these network shares. I'm trying to grant the same permissions on my Linux server but no matter what I do I cannot add a computer account to the ACL. setfacl doesn't recognize the user, and when adding it through the Windows permission dialog it just disappears after hitting apply. Is this possible with Samba?
Unfortunately permissions to a share cannot be granted to a computer account; only users. Yes, it looks like you should be able to do that, and the OS allows you to make the entry, but it doesn't actually work like you'd expect.
One way to get around this is, for instance if you're running a script as a scheduled task, is to mount network drive as a specific user who has access to that share, like so:
this will use the first-available drive letter (starting at Z: and going backward from XP/2003 on, but starting at the beginning in Win2k).
You can also specify a drive letter as long as it's not in use:
When complete, don't forget to unmount the share with:
(Note that you can of course test for the presense of the drive's use, or just drop the mount before mounting it, but I leave that to you.)
If it is not possible, try adding the computer account to a security group, and set an ACL to confer access to that security group.
Create Security Group in AD with containing these computers in it
run this command on Linux server
also don't forget to put in /etc/samba/smb.conf
[Share] ....
Hope this will help!