[Samba] Replacing Windows account with local account.

Gary Dale garydale at torfree.net
Mon Aug 14 04:14:36 GMT 2006


Stephen Carville wrote:
> Gary Dale wrote:
>> Stephen Carville wrote:
>>
>>> OK, I'm stumped.
>>>
>>> I have a Samba server (v3.0.20a) with security=DOMAIN and using winbind
>>> to authenticate non-local users against a W2K domain controller. This
>>> setup happily serves out home directories and about six other shares.
>>>
>>> I need to add a local UNIX account for a formerly Windows only user.
>>> When I try useradd I get: user <username> exists.  This makes sense
>>> because of winbind.  What I cannot figure out is how to 'erase' him so I
>>> can create a local user account.  I've read thru the man pages but I
>>> can't see how to do this.
>>
>>
>> Did you try removing the account from Windows?
>
> No. He needs a Windows account too.  If nothing else for email.  I 
> could remove the account and then recreate it afterwards but I was 
> hoping for a more elegant solution.
>
>> Otherwise, what does he need as a Unix user? Does his account exist 
>> in the /etc/passwd file or is it just his "home" directory that 
>> exists locally? If the former, it would seem you don't need to create 
>> his account. If the latter, did you try renaming his old home directory?
>
> There is no account in /etc/passwd.  That is what I need to create.  
> He now needs access to the UNIX systems as well as Windows systems.
>
> I don't see how deleting his home directory will buy me anything.
>
> Thank you for your reply.
>

The reason useradd won't add the account could be because you already 
have a home directory for the username. I don't know. You still haven't 
said much about the Unix side of the picture. What is he doing as a Unix 
user and how is your Unix security arranged? What services does he need 
that he can't get from CIFS?

If he just needs access to the shares, he can still access them through 
Unix using CIFS, or you can add an account for him in /etc/passwd with 
the same user number as currently owns his home directory. In a simple 
setup, if you make his local account number (on his workstation) the 
same, you can also give him access via NFS.

However, you specified Unix systems (plural). I gather your Unix setup 
might be more complicated and you may have a single Unix sign-on (but 
not an integrated single sign-on with Windows or we wouldn't be having 
this exchange). Or you may be using some kind of PAM for your Unix 
authentication. Without more details, it's difficult to provide advice. :)
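
An added example, not part of the original message: a shell sketch that reports whether a name has its own line in a passwd file or is known only through another NSS source such as winbind, and which numeric UID and GID already own the home directory, so that a local entry can reuse them. The user names, temporary paths and the /bin/sh login shell are constructed sample values; the passwd line is only printed for review and nothing is written to the system.

```shell
#!/bin/sh
# Added example (not from the thread). User names, paths and the /bin/sh
# login shell are constructed sample values.

# Succeeds if USER has its own line in the passwd-format FILE.
in_passwd_file() {  # FILE USER
    awk -F: -v u="$2" '$1 == u { hit = 1 } END { exit !hit }' "$1"
}

# Prints where USER resolves from: "local" (listed in FILE), "nss-only"
# (known only through another NSS source such as winbind), or "absent".
account_source() {  # FILE USER
    if in_passwd_file "$1" "$2"; then
        echo local
    elif getent passwd "$2" >/dev/null 2>&1; then
        echo nss-only
    else
        echo absent
    fi
}

# Prints "UID:GID" of the owner of DIR (ls -n shows numeric ids).
dir_owner_ids() {  # DIR
    ls -dn "$1" | awk '{ print $3 ":" $4 }'
}

# Prints a passwd-format line for USER that reuses the ids already owning
# DIR, for review before adding it (for example with vipw).
passwd_line_for() {  # USER DIR
    printf '%s:x:%s::%s:/bin/sh\n' "$1" "$(dir_owner_ids "$2")" "$2"
}

# Demo on a constructed passwd file; on a real host pass /etc/passwd and
# the user's existing home directory instead.
demo() {
    tmp=$(mktemp -d) || return 1
    printf 'alice:x:1001:1001::/home/alice:/bin/sh\n' > "$tmp/passwd"
    mkdir "$tmp/home_bob"
    for u in alice bob_constructed_example; do
        echo "$u: $(account_source "$tmp/passwd" "$u")"
    done
    passwd_line_for bob_constructed_example "$tmp/home_bob"
    rm -rf "$tmp"
}
demo
```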


