[Samba] username maps and security=ads
david.billinghurst at comalco.riotinto.com.au
Mon Oct 17 07:16:16 GMT 2005
I have been having problems with username maps and security=ads.
I now have a solution (or at least a work around) that is working
for me. I sort of stumbled across it, as I don't recall reading
any samba docs that mentions the need to have the realm name
in the smbuser file.
Samba server is RHEL3 with samba-3.0.20 compiled from source
authenticating against a windows ADS.
Here is the smb.conf file
# Global parameters
workgroup = GROUP
realm = GROUP.COMPANY.ORG
server string = Samba Server
encrypt passwords = yes
security = ads
username map = /usr/local/samba-3.0.20/lib/smbusers
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = No
dns proxy = No
os level = 0
log level = 3
comment = Home Directories
read only = No
I found that the smb user map file had to look like
# Unix_name = SMB_name1 SMB_name2 ...
unixuser = smbname GROUP.COMPANY.ORG\smbname
This e-mail and any attachments are private and confidential and may contain privileged information. If you are not an authorised recipient, the copying or distribution of this e-mail and any attachments is prohibited and you must not read, print or act in reliance on this e-mail or attachments.
This notice should not be removed.
More information about the samba