I have samba ad dc and on a different member I have a file server.
Domain Controller = Debian 11 (DC01)
Domain Member (File Server) = Fedora 34 (FS01)
Domain Member (Workstation) = Fedora 34 (F01)
Here are the mount points (F01)
/multimedia/Photos
/multimedia/Movies
/multimedia/Music
/multimedia/Videos
smb.conf (FS01)
# Global parameters
[global]
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
realm = HOME.TEST-SERVER.LAN
security = ADS
template homedir = /home/HOME/%U
template shell = /bin/bash
username map = /etc/samba/user.map
winbind refresh tickets = Yes
winbind use default domain = Yes
workgroup = HOME
idmap config * : range = 10000-24999999
idmap config * : backend = autorid
map acl inherit = Yes
vfs objects = acl_xattr
[homes]
browseable = No
comment = Home Directories
read only = No
valid users = %S
[printers]
browseable = No
comment = All Printers
path = /var/spool/samba
printable = Yes
[Photos]
comment = Photos
inherit acls = Yes
path = /multimedia/Photos
read list = "@HOME\Domain Users"
read only = No
valid users = "@HOME\Media Admins" @HOME\Photographers
write list = @HOME\Photographers
[Videos]
comment = Videos
inherit acls = Yes
path = /multimedia/Videos
read only = No
valid users = "@HOME\Video Users"
[Movies]
comment = Videos
inherit acls = Yes
path = /multimedia/Movies
read only = No
valid users = "@HOME\Domain Users"
[Music]
comment = Videos
inherit acls = Yes
path = /multimedia/Music
read only = No
valid users = "@HOME\Domain Users"
[seagate]
comment = Videos
inherit acls = Yes
path = /media/seagate
read only = No
valid users = "@HOME\Domain Users"
[Backup]
comment = Backup
inherit acls = Yes
path = /media/Seagate_1
read only = No
valid users = "@HOME\Domain Users"
gio mount smb://fs01/photos (F01)
gio: smb://fs01/photos/: Failed to mount Windows share: Permission denied
tail /var/log/messages (F01)
Nov 9 15:29:33 FS01 smbd[799696]: [2021/11/09 15:29:33.316583, 0] ../../source3/smbd/service.c:167(chdir_current_service)
Nov 9 15:29:33 FS01 smbd[799696]: chdir_current_service: vfs_ChDir(/multimedia/Photos) failed: Permission denied. Current token: uid=211104, gid=210513, 8 groups: 211104 210513 211112 211113 109999 109990 109982 10001
Above worked at one time but no longer working
sudo mount -vvv -t cifs //fs01/photos /multimedia/Photos/ -o credentials=/root/.smb (F01)
domain=FS01
mount.cifs kernel mount options: ip=10.0.0.10,unc=\\fs01\photos,user=redhat,domain=FS01,pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
dmesg (F01)
[ 7092.213424] CIFS: Attempting to mount \\fs01\photos
[ 7092.222559] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
[ 7092.222564] CIFS: VFS: \\fs01 Send error in SessSetup = -13
[ 7092.222571] CIFS: VFS: cifs_mount failed w/return code = -13
How do I mount these so that access is controlled by Samba where I would just need to update the smb.conf with groups to control access?