[Samba] Using samba AD in mixed OS environment

Rowland Penny rpenny at samba.org
Sat Apr 28 12:36:42 UTC 2018

On Sat, 28 Apr 2018 13:10:14 +0100
Zdravko Zdravkov via samba <samba at lists.samba.org> wrote:

> Hi guys.
> I've got working samba AD server. It is playing nicely with Windows
> 10 and also successfully authenticating Linux machines with SSSD.

If you want help with sssd, sorry, but this isn't the place.

> On the Windows machines I have our EMC storage smb mounted via group
> policy. Managing permissions for users and groups there, as you know,
> happens with right click, security etc..
> As you may have already guessed the troubles come when my Linux
> machines, that access the storage via nfs mount, need to work with
> folders and files created from the Windows PCs. Linux doesn't "see"
> the actual user/group that owns given folder. It interprets it into
> numbers, some kind of UID that comes from the Windows machines.

For a Linux machine to know an AD user, then 'getent passwd username'
must produce output e.g. getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash

To get this to work, you need to configure several things. The correct
packages need to be installed.
Pamm, smb.conf and /etc/nsswitch.conf need to be configured correctly.
Just how they need to be configured depends on what you are
configuring, a DC or a Unix domain member.

> I'm quite sure that this is common and known issue, but I don't know
> what is the right way to deal with it.

Yes it is and neither do I, well not until you give us more info ;-)

smb.conf from the DC and any Unix domain members.
What OS you are using ?
How are the 'passwd' & 'group' lines set in /etc/nsswitch ?


More information about the samba mailing list