“Eh, I checked everywhere! I cannot find that smb.conf. Where could it have gone!?” And I thought he was lying when a colleague of mine mentioned this, trying to enable samba. Well, I checked and could not find any trace of the smb.conf file either. Although samba was enabled via ZFS and we could see the windows shares, we could not access them. Sure enabling samba via zfs was fairly simple and I enabled samba as follows. Considering tank is our dataset on a system called army) with the domain goldcoast.com I performed:
# zfs sharesmb=on tank
which should implicitly enable the SMF: svc:/network/smb/server:default
What was actually missing, since we are in an Active Directory environment was joining our Solaris host to the domain and mapping corresponding Windows users to Unix users — provided the Windows and Unix usernames are the same and in this case they were.
Join Solaris to the Active Directory domain:
# smbadm join -u administrator goldcoast.com
At his point the Windows shares were now accessible, but you may have noticed the file mappings were wrong. For example, on the Windows side of things if you created a new file the owner and group would appear differently on the Unix side, similiar to the below listing:
# ls -ltr -rwx------+ 1 2147540993 2147483653 0 May 10 16:24 New Text Document.txt
And with permissions like that, in a shared environment there are sure to be a lot of complaints.
To map all AD users that are part of domain goldcoast.com, considering the local unix accounts have the same name we performed:
# idmap add "winuser:*@goldcoast.com" unixuser:*
And samba is enabled. Try it, try to access the share from Windows using
Start -> Run: \\army\tank
If your Windows machine is connected to an ActiveDirectory Controller you should be prompted for a username/password dialog.
References:
