[Samba] more cleanup: mis-named AD user
Stefan G. Weichinger
lists at xunil.at
Wed Aug 7 09:11:54 UTC 2019
Am 06.08.19 um 16:42 schrieb L.P.H. van Belle via samba:
> Ahh, yes good one, totaly forgot about that one.
> That also possible.
Solved. He had the main network share connected via Administrator.
The changed password let it fail ... now he uses his own user.
nice "smbstatus" now: great
> Just one more thing.. And I dont understand this... Because..
> And im sorry to say..
>
> You .. Should .. Know .. This ..
Yes, I do.
> This share.
>
>> [rsnapshots]
>> path = /mnt/rsnapshots
>> read only = Yes
>> valid users = problem-user, sgw
>
> Now, you tell my, why are you using valid users here and explain also why your not using groups..
> Let me me guess. Because that was the quick solution.. And later on you never changed it..
exactly. These shares are >10 yrs old ... come from NT4-domain-style-times.
> Use groups... Always, even it its for only 1 users.
>
> So change that : valid users = @YourGroup
> Or "@Your Group"
> And use a group from the AD not local linux.
>
> * you can combine these without problems.
> I have local linux groups and windows groups for allowing ssh access for example.
> Everthing is in the windows groups, except the special linux user that has local group rights.
>
>
> Im saying this because it will lower the pressure of maintaining the network.
> And that is a thing you want.
>
> USE GROUPS EVERYWHERE. Best advice i can give here.
ay, sir, will edit.
I even *have* a group for that (for the GPO ...)
More information about the samba
mailing list