Unable to connect to samba share with "force user = unix_user"

Quentin Gibeaux qgibeaux at iris-tech.fr
Wed Oct 15 05:46:17 MDT 2014

On 15/10/2014 13:38, Rowland Penny wrote:
> On 15/10/14 12:28, Quentin Gibeaux wrote:
>> On 15/10/2014 13:15, Rowland Penny wrote:
>>> A unix only user cannot be a member of an AD group, only an AD user 
>>> can be a member of an AD group. This means that when you try to 
>>> connect to a samba share (on a machine that is joined to the domain) 
>>> as a local unix user, then samba is not going to know who your user is.
>>> If you run samba as a 'classic' PDC then you could & should have 
>>> users both as local & domain users, but with AD this is no longer 
>>> allowed, you also cannot have a user & a group with the same name.
>>> Rowland
>> Sorry, i've forgotten to say that I'm not trying to connect to the 
>> share with this 'somename' user, but with whatever AD's user that is 
>> member of the AD's group (valid users = +somename).
>> Haven't the "force user" parameter nothing to do with the connection 
>> proccess ? The documentation says it's only used for the fs accesses 
>> (read/write/ownerships).
>> Quentin
> Shouldn't +somename be @somename ?
> Rowland
Indeed, but it doesn't change the result, even if I comment the valid 
users line (so it is accessible to any user), I still have the NO_SUCH_USER.


More information about the samba-technical mailing list