[Samba] Disable Pam checking for Samba4 Standalone role server with samdb_dbds as passdb backend !

CpServiceSPb . cpservicespb at gmail.com
Mon Jun 16 11:04:45 MDT 2014

I will look at wiki look further and further.
But if ou have useful, really useful link, please send or post.
I talk about info where interoperation between Samba4 and OS local security
subsystem is described.

>Because your users are storing information on the underlying OS, if the
>underlying OS doesn't know the user, it will not store the information
>or allow connection to it.

Again, when I add user to Samba4, he/she is stored in Samba4 only. Do you
agree with the statement ?

>I fully understand the question, you seem to be unable to understand the
answers, or are unwilling to do so.

I understand your phrases. But you didn' t provide any proofs/links.
You can even be partly or fully right, but without any proofs I can
estimate your answers as your oppinion. But I need explonation or at least
proofing and solution.
Regarding Wiki, exact link you sent, it doesn' t explain, it describe "Make
domain users/groups available locally through Winbind" only.
And it can be understood in a double way, as yours one and as my assumption.

> You do not need to create the users as Unix users as well, you just need
to make the underlying OS be able to get the users
> from AD, on the samba4 AD you need to set up the winbind links and edit

It is: net user->Samba4->Pam (OS authorize/security subsystem) -> Samba4
(via nssswitch) . There is partial cycling.

> If you are accessing the shares over the net, you are accessing them
locally on the OS.
Ok. But Samba4 works from Roo as I remember. There are no problems.

And thirdly, one question you didn' t post anything.
I got working configuration whe I use Samba4 in AD DC mode without any
else. Why. What is difference ?

More information about the samba mailing list