[Samba] more cleanup: mis-named AD user

Stefan G. Weichinger lists at xunil.at
Wed Aug 7 17:22:46 UTC 2019


Am 07.08.19 um 11:11 schrieb Stefan G. Weichinger via samba:

>> Use groups... Always, even it its for only 1 users. 
>>
>> So change that : valid users = @YourGroup
>> Or "@Your Group"
>> And use a group from the AD not local linux. 
>>
>> * you can combine these without problems. 
>> I have local linux groups and windows groups for allowing ssh access for example. 
>> Everthing is in the windows groups, except the special linux user that has local group rights. 
>>
>>
>> Im saying this because it will lower the pressure of maintaining the network. 
>> And that is a thing you want.
>>
>> USE GROUPS EVERYWHERE. Best advice i can give here. 

tryring to cleanup some such shares

@mitarbeiter matches a local unix group (which is empty) ... and not the
DOMAIN\mitarbeiter group ...

# wbinfo --group-info=mitarbeiter
mitarbeiter:x:13218:

*sigh*

Maybe that ist mapped in a way, I don't know anymore.

"mitarbeiter" is not in /etc/group so it seems to come in via winbind
(according to nsswitch.conf)






More information about the samba mailing list