Unable to connect to samba share with "force user = unix_user" [Solved] [yes it really is solved]
repenny241155 at gmail.com
Wed Oct 15 07:41:10 MDT 2014
On 15/10/14 14:18, Quentin Gibeaux wrote:
> On 15/10/2014 15:05, Rowland Penny wrote:
>> On 15/10/14 13:57, Quentin Gibeaux wrote:
>>> On 15/10/2014 14:47, Rowland Penny wrote:
>>>> OK, this is what I expected, when you uncomment the 'force user'
>>>> line you are trying to force the files to be owned by 'somename',
>>>> this user is not in AD, hence this is why you are getting
>>>> 'NT_STATUS_NO_SUCH_USER' . Either do not use the line or change
>>>> 'somename' to an AD user.
>>> In facts, i don't understand why it checks in the AD for the user
>>> with 'somename' name.
>>> Anyway, if I try with "force user = root", where root is a unix only
>>> user : it works, whereas root is not in AD (so should be
>>> NO_SUCH_USER, right ?).
>> root is a special case, as far as I am aware it is hardcoded into
>> samba. I would have thought that 'NO_SUCH_USER' on the end of the
>> error message was pretty much to the point, samba **does not know who
>> 'somename' is* *
> It also works with "nobody" or "munin", which aren't in AD either :)
> Is it normal ?
> I still don't get it on why samba's checking on AD for 'force user' :
> isn't it supposed to be only about filesystem rights ?
Samba needs to know who the user is before it does anything, so if it
cannot find the user it returns the error message, it is possible that
'nobody' & 'munin' are getting mapped via winbind so samba knows who
they are, but I cannot be certain because
A) I have never seen your smb.conf
B) I am not sat in front of your computer to do a few tests
Please just accept that it is a bad idea to try and force the ownership
of files in a domain share to a user that is not a domain user.
More information about the samba-technical