[Samba] winbind: authenticating UNIX user before Win Domain user

Luke Mewburn lukem-samba at mewburn.net
Thu Nov 18 06:53:32 GMT 2004

On Wed, Nov 17, 2004 at 03:48:06PM -0500, Greg Chavez wrote:
  | We have a samba 3.0.7 server on RHEL-3 (rain) joined as a domain
  | member (security = domain) to a win2k pdc (clouds) for the domain DOM.
  |  We have several unix users and two Win-only users.  The unix users
  | have matching AD accounts on the win2k, but the Win-only users do not
  | have unix accounts (and we want to keep it that way).  So, it seemed
  | that winbind would be the best way to bridge the gap:
  | 1.  UNIX users could access shares on the samba server in the same way
  | whether logged on to windows workstation or the samba server itself
  | 2.  Files created on the shares would be controlled via permissions
  | for UNIX users and groups.
  | 3.  Win users would not need to have UNIX accounts created, but could
  | access the samba shares as easily as the UNIX users.
  | 4.  Home directories and profiles will be pulled from the samba server.
  | It works well exept that winbind does not authenticate the UNIX users
  | as expected when they logon from Windows.

I have the same requirement; except samba can't currently do this.  See:

I implemented a "trim default domain" option and provided a patch in:

(I would suggest the "canonical" mailing list URL
except the mailing list archive software there borked the message.)

The rest of the thread on samba-technical has more details.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20041118/f8a01a38/attachment.bin

More information about the samba mailing list