[Samba] Samba and active Directory

Andreas Hubert ahu at censhare.de
Fri May 14 03:11:20 MDT 2010

Hi all,

Yes, the good old topic that most people have a problem with :)

I have a Windows 2003 Active Directory server and want users in
this directory to be able to log in to a Samba share.
The authentication with wbinfo -a user%password works and I already
joined the domain with
net ads join
I am also able to authenticate as a directory user with his directory
password, BUT only if this username also exists in the /etc/passwd file.
Users whose username is not in the local passwd file cannot log in.
I use Samba version 3.0.37 on Solaris 10; here is my smb.conf:

        workgroup = ABC
        realm = ABC.DE
        server string = Samba Server
        security = ADS
        map to guest = Bad User
        password server = ABCDC01.abc.de ABCDC02.abc.de
        use kerberos keytab = Yes
        log file = /var/log/samba/log.%m
        max log size = 50
        time server = Yes
        os level = 65
        local master = No
        domain master = No
        wins support = Yes
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind separator = +
        winbind use default domain = Yes

        comment = test
        path = /test
        valid users = ABC+corpus, ABC+ahu
        read only = No

The user ABC+corpus also exists locally and I am able to log on with his
directory password on the share, but not with the user ABC+ahu.
If I just do
useradd ahu
I am able to log on with this user!
What am I doing wrong? I also want users from the directory to be
mapped to the local user corpus for the access rights and would do this
with "force user = corpus" on the share; would this be right?

Thanks for any help

