[Samba] Local user could not access share directory
Rowland Penny
rpenny at samba.org
Thu Jan 25 09:26:45 UTC 2018
On Thu, 25 Jan 2018 08:24:42 +0800
Younger Liu <younger.liucn at gmail.com> wrote:
> 2018-01-22 17:16 GMT+08:00
> Rowland Penny via samba <samba at lists.samba.org>:
> >
> >
> >
> > I thought I already had, remove the duplicate users
> > from /etc/passwd, change to the
> > winbind 'rid' backend and your AD users will become Unix
> > users as well.
> > If you don't want the DOMAIN at the start of the username and you
> > only have one AD domain, add this to smb.conf:
> >
> > winbind use default domain = yes
>
> tks Rowland.
> I have esolved this problem. add configurations:
> winbind use default domain = no
That is the default setting, so you do not need to explicitly set it.
> using winbind 'rid' backend
> It would distinguishes two kinds of users. Domain users look likes
> "DOMAIN\username", and local users look likes "username". Although
> they have same username, their IDs are not different.
Yes, but are they actually the same users, i.e. is local Unix user
'fred' the same user as AD user 'fred' ?
If they are, then the AD user 'fred' will be denied access to files
owned by the local Unix user 'fred'.
You will also have two points of administration of users and groups.
This is not a good idea, especially if you consider that because you
are using the 'rid' backend, ALL your users are now Unix users.
Rowland
More information about the samba
mailing list