[Samba] SAMBA using existing users and passwords on Linux

Fernando Gonçalves fernandolmg at gmail.com
Mon Jun 22 14:57:29 UTC 2020 

Oops, wrong language ;D

Okay Rowland.
Thank you very much for this help.
To the next.

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Livre
de vírus. www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

Em seg., 22 de jun. de 2020 às 11:55, Fernando Gonçalves <
fernandolmg at gmail.com> escreveu:

> Ok Rowland.
> Muito obrigado por mais essa ajuda.
> Até a próxima.
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Livre
> de vírus. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
> <#m_-6496541906621750012_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> Em seg., 22 de jun. de 2020 às 10:14, Rowland penny via samba <
> samba at lists.samba.org> escreveu:
>
>> On 22/06/2020 14:00, Fernando Gonçalves wrote:
>> > Good morning Rowland.
>> >
>> > As you may have noticed, I am no expert in deploying SAMBA in an AD
>> > domain.
>> > Could you give me a link with a tutorial that explains in a simple way
>> > the procedure for this?
>>
>> You could start here:
>>
>> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>>
>> >
>> > Just to not leave without a return I executed the following commands:
>> >
>> > # getent group TJSC\users
>> > #
>> > Nothing came back.
>> It shouldn't, not even on a Samba AD DC
>> >
>> > # getent group TJSC users
>> > users: x: 100:
>> > This group "users" is local to the linux server (it is in /etc/passwd)
>> > and does not exist in the AD domain.
>>
>> Ah, yes it does, just not where you expect it ;-)
>>
>> If you examine 'idmap.ldb' on a DC, you should find something like this:
>>
>> dn: CN=S-1-5-21-1768301897-3342589593-1064908849-513
>> cn: S-1-5-21-1768301897-3342589593-1064908849-513
>> objectClass: sidMap
>> objectSid: S-1-5-21-1768301897-3342589593-1064908849-513
>> type: ID_TYPE_GID
>> xidNumber: 100
>> distinguishedName: CN=S-1-5-21-1768301897-3342589593-1064908849-513
>>
>> The '513' is the RID for Domain Users and the xidNumber maps it to to
>> the local 'users' group.
>>
>> >
>> > I can then conclude that my intention to use local users of the linux
>> > server without having to specify the name of the linux server is not
>> > possible, right?
>>
>> Correct, not possible and definitely not supported on a Samba AD DC (or
>> any other Samba domain machine)
>>
>> Rowland
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>

More information about the samba mailing list