[Samba] Making Linux and domain users the same

org-samba at freed.com org-samba at freed.com
Sat Mar 2 02:21:19 MST 2013

I have a set of Linux boxes with (nearly) working Samba configurations.  Windows users can get in and work with shares.  My one problem is that the local  user "joe" is not the same as the domain user that logs into Samba.  And that means that users cannot access their own home directories, unless I relax the Linux permissions.

This is not surprising, given the way Samba was configured -- but the question now is "how can I fix it?"  I have played with the usermap, but haven't gotten that to work.  And I would prefer not to have to map every user on every target box; there are a lot of them.  It seems likely that there should be a global solution to this.

The evidence for the problem is clear.  Below is a listing of directory containing two files:  one created under by the local Linux user, and one created by the same user on a Windows box connecting to the share:

$ ls -l
total 4
-rw-r--r-- 1 joe    users        3 Mar  2 03:40 File_Created_In_Linux
-rwxrw-rw- 1 joe    domain users 3 Mar  1 13:12 File_Created_In_Windows
$ ls -n
total 4
-rw-r--r-- 1    12903      100 3 Mar  2 03:40 File_Created_In_Linux
-rwxrw-rw- 1 16777217 16777216 3 Mar  1 13:12 File_Created_In_Windows

And here is the Samba config:

        workgroup = XXXXX
        realm = XXXXX.com
        netbios aliases = XXXXX
        security = DOMAIN
        password server = XXXXX
        wins server = XXXXX
        ldap ssl = no
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        template homedir = /usr/acct/%U
        template shell = /bin/tcsh
        winbind cache time = 5
        winbind use default domain = Yes
        create mask = 0777
        directory mask = 0777

        path = /shares/test
        read only = No

        read only = No

Thanks in advance for any light you might shine on this.

More information about the samba mailing list