[Samba] Samba local user without /etc/passwd

Gionatan Danti g.danti at assyoma.it
Thu Jul 9 11:19:48 UTC 2015

On 09/07/15 12:25, Reindl Harald wrote:
>> In short: while my samba server is connected to the AD domain, I would
>> also like to have some local (non domain) user for other tasks.
>> It is my understanding that for a local samba user I _need_ to create
>> the relative unix user (using useradd) and then use the samba-provided
>> tool smbpasswd. I simply wonder if it is possible to create local users
>> using _only_ smbpasswd (or equivalent), without messing with the real
>> local unix user table stored in "/etc/passwd" (hence the world "virtual)
> the smbd process is running as your user for security and permissions
> as which user should it run without a unix user
> root?

I perfectly understand your reasons.

My question stems from the fact that, while connected to an AD domain, 
samba (or better, winbind) is impersonating remote users without 
problems. This is done using the "winbind" keyword in /etc/nsswitch.conf

So, I wonder if winbind is capable of doing something similar with 
tdbsam users, impersonating them _without_ a local entry in /etc/passwd. 
Basically, what I want is to tell samba/winbind "do the same thing you 
are doing for AD, but using tdbsam as backend".

While I suspected that it is not possible, I liked a direct confirmation 
from the list...


Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti at assyoma.it - info at assyoma.it
GPG public key ID: FF5F32A8

More information about the samba mailing list