[Samba] Permission Denied
rpenny at samba.org
Tue Dec 8 16:54:13 UTC 2015
On 08/12/15 16:33, mathias dufresne wrote:
> 2015-12-08 17:15 GMT+01:00 Rowland penny <rpenny at samba.org>:
>> On 08/12/15 16:02, mathias dufresne wrote:
>>> On any Linux system where you want to be able to use AD users as system
>>> users you need to configure PAM. This because it is PAM which discuss with
>>> the tool you have chosen to retrieve users information from AD and then
>>> build system users with these information.
>> It may be better if you stop calling local Unix users 'system users',
>> system users are something else, i.e. 'root' is a system user, as is
> System users are users available from system side.
> Local users are users declared in /etc/passwd.
> What is the point of your remark?
The point is that 'Unix system users" != 'Unix local users'
On a Unix system, low ID numbers are used for system users i.e. root,
www-data, ntp etc, these numbers are all under 1000 (used to be 500 on
redhat systems), but they all appear in /etc/passwd.
A Unix local user is a user that has an ID number of 1000 and upwards
that appears in /etc/passwd. You can have a user called fred on two
different Unix machines, but they would not be the same user. This is
where AD comes in, by creating the user 'fred' in AD and giving the user
a uidNumber, this user could log into any domain joined computer and
would be the same user.
More information about the samba