security = server and valid users

David Zanetti Zanett2D at wcc.govt.nz
Thu Sep 2 05:06:29 GMT 1999


Quite possibly this is not quite the right samba list to ask this on, if
so, please suggest the correct list.

I ran into an issue (I dare not call it a bug!) when I was asked to set
up some shares that had a specific valid user list. Although samba goes
off and queries the password server, and even correctly authenticates
the user, the user must still have a local unix account. That's fine, I
can understand that. But part of the share included a force user = x, so
that the local unix user account being used after authentication was a
common user. 

My assumption (which is clearly wrong! :) ) would be that I could use
force user = x to override the need for a local unix account - all the
operations would be done by the forced user, and all the authentication
is being done with the remote NT server. Does this make any sense? Is it
supposed to _always_ require a local user even when being forced and no
local authorisation is taking place?

(This is all with Samba 2.0.4b, Solaris 2.5.1)

Ex:

security = server
password server = mynt
...
[myshare]
  ...
  valid users = user1, user2
  force user = nobody

-- 
David Zanetti, Unix System Administrator and Postmaster
Wellington City Council, New Zealand. Phone +64-4-801-3354


More information about the samba-ntdom mailing list