[Samba] Avoiding local unix accounts with "force user". Is that possible?

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Mon Sep 18 13:46:08 GMT 2006

Hash: SHA1

On 09/11/2006 02:50 PM, Andrei Nazarenko escreveu:
> Hello all,
> I am using Samba as a file server with LDAP authentication.
> Here is my samba.conf file:
> Essentially, all the users like "user1", "user2", "user3" authenticate
> via LDAP server, so no local user accounts database (like smbpasswd)
> is needed. I also want all the authenticated users to become just
> *one* actual unix user "samba" after successful authentication, so
> that all files have the same ownership, hence the "force user / force
> group" directives.
> The above configuration works well for me, however, I still must have
> Unix accounts user1, user2, etc., present in /etc/passwd, /etc/group
> and /etc/shadow files for this configuration to work.
> So my question is, basically, about getting rid of those local Unix
> accounts. Is that possible somehow? I simply would like to have just
> one local Unix user account "samba" belonging to the Unix group
> "samba" and no other user accounts.

	Yes, configure your nsswitch and your libnss to query
your LDAP server and you will get your LDAP accounts as UN*X

> It is a tedious task to create (and especially manage!) Unix 
> user accounts if they are replaced at the end of the login
> procedure with a common account anyway.

	Kind regards,

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org


More information about the samba mailing list