[Samba] Can't find users from WinXP with Samba+ADS+ACL environment

Jose Perez jvoorhees1 at gmail.com
Tue Sep 8 05:53:11 MDT 2009

Hi all:

I'm running Samba 3.3.7 as a member of an ADS domain. I configured ACLs that
are working almost fine (I'll ask about this later), and I'm trying to
delegate administration like this:

1. I'm using "acl group control = yes" and changing the primary group owner
of a directory to let users member of that group change ACLs settings.
2. From a Windows XP machine I select the Security tab, then the button Add
and then I write the username to add (i.e bob user) but I'm asked about an
authorized username/password. I enter Administrator username with his
password which get validated correctly but Windows XP says that can't find
'bob' username.

Why can't WinXP find bob username? From the Samba machine I'm able to see
that user from 'wbinfo -u' and 'getent passwd' list. Is it correct that
WinXP tries to find usernames from the Samba server instead from the AD

This is the current sceneario:

- Samba server and AD Server are in a network working fine
- WinXP is connected via OpenVPN to that network and access Samba shares
with a valid username/password
- WinXP isn't joined to the ADS domain.

Is it mandatory for WinXP to be part of the domain to get the list of users

I hope someone can help me. Thanks

More information about the samba mailing list