[Samba] samba4 and sssd and user mapping
rowlandpenny at googlemail.com
Mon Jan 20 08:13:54 MST 2014
On 20/01/14 10:25, Denis Cardon wrote:
> Hi everyone,
> on a server running samba4 with sssd for nsswitch mapping, I realized
> recently that on windows workstation in the "folder propery/security
> tab", users are mapped as "Unix user\userlogin" instead of
> I guess this is due to the fact that sssd mapping with getent passwd
> gives me user name without domain name (eg. userlogin), and in the
> samba4 smb.conf I don't know how to specify to use default domain, so
> it probably maps users to DOMAINNAME\userlogin.
> Looking at sssd doc, I didn't find how to add domain name in
> sssd.conf, and in smb.conf, the only related command is "winbind use
> default domain", and I'd like to use sssd instead of winbind.
> So I'd like to ask if there is a "use default domain" command for
> smb.conf without winbind?
Hi, I do not think that this has anything to do with sssd, the problem
seems to occur only on a windows workstation where sssd is not used. Did
you create the unix users with samba-tool?
If you did, then this could be where the problem lies, if you create a
user through ADUC and then add the Unix attributes, ADUC adds the
following attributes to the user:
I think that it is the lack of at least the first on the list that is
giving you your problem.
If you think about it, where is 'Unix user' coming from? I think it is
something windows uses if it cannot get the 'msSFU30NisDomain' but does
Try adding the attributes to one of your users and see if it cures your
More information about the samba