[Samba] more cleanup: mis-named AD user

Stefan G. Weichinger lists at xunil.at
Wed Aug 7 17:22:46 UTC 2019

Am 07.08.19 um 11:11 schrieb Stefan G. Weichinger via samba:

>> Use groups... Always, even it its for only 1 users. 
>> So change that : valid users = @YourGroup
>> Or "@Your Group"
>> And use a group from the AD not local linux. 
>> * you can combine these without problems. 
>> I have local linux groups and windows groups for allowing ssh access for example. 
>> Everthing is in the windows groups, except the special linux user that has local group rights. 
>> Im saying this because it will lower the pressure of maintaining the network. 
>> And that is a thing you want.
>> USE GROUPS EVERYWHERE. Best advice i can give here. 

tryring to cleanup some such shares

@mitarbeiter matches a local unix group (which is empty) ... and not the
DOMAIN\mitarbeiter group ...

# wbinfo --group-info=mitarbeiter


Maybe that ist mapped in a way, I don't know anymore.

"mitarbeiter" is not in /etc/group so it seems to come in via winbind
(according to nsswitch.conf)

More information about the samba mailing list