security = server and valid users

Greg Dickie greg at
Thu Sep 2 10:06:31 GMT 1999

Definitely not if you use: 
guest ok=yes
force user=guest


On 02-Sep-99 David Zanetti wrote:
> Quite possibly this is not quite the right samba list to ask this on, if
> so, please suggest the correct list.
> I ran into an issue (I dare not call it a bug!) when I was asked to set
> up some shares that had a specific valid user list. Although samba goes
> off and queries the password server, and even correctly authenticates
> the user, the user must still have a local unix account. That's fine, I
> can understand that. But part of the share included a force user = x, so
> that the local unix user account being used after authentication was a
> common user. 
> My assumption (which is clearly wrong! :) ) would be that I could use
> force user = x to override the need for a local unix account - all the
> operations would be done by the forced user, and all the authentication
> is being done with the remote NT server. Does this make any sense? Is it
> supposed to _always_ require a local user even when being forced and no
> local authorisation is taking place?
> (This is all with Samba 2.0.4b, Solaris 2.5.1)
> Ex:
> security = server
> password server = mynt
> ..
> [myshare]
>   ...
>   valid users = user1, user2
>   force user = nobody
> -- 
> David Zanetti, Unix System Administrator and Postmaster
> Wellington City Council, New Zealand. Phone +64-4-801-3354

Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
(514) 954-7171
greg at

More information about the samba-ntdom mailing list