[Samba] SSH SSO without keytab file

Rowland Penny rpenny at samba.org
Fri Jan 18 09:06:54 UTC 2019


On Fri, 18 Jan 2019 09:44:27 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:

> Hai, 
> 
> > -----Oorspronkelijk bericht-----
> > Van: Harpoon [mailto:harp00n at protonmail.com] 
> > Verzonden: vrijdag 18 januari 2019 9:24
> > Aan: L.P.H. van Belle
> > CC: samba at lists.samba.org
> > Onderwerp: Re: [Samba] SSH SSO without keytab file
> > 
> > Thanks for the prompt reply!
> Your welkom. 
> 
> > 
> > > I did see that you are using Administrator, and thats the problem.
> > 
> > > Administrator is mapped to root ( most of the time ),
> > > if you assigned Administrator UID = 0 then you have a 
> > problem, because only root = uid 0.
> > >
> > > Never ever give Administrator a UID/GID
> 
> > I am using tdb backend. It mapped administrator account to
> > 12000:10000.
> No no no.. as said, never ever assign administrator a UID/GID. 

He isn't, his borked smb.conf is and it also happens if you use the
'rid' backend:

adminuser at Computer4:~$ getent passwd Administrator
administrator:*:10500:10513::/home/administrator:/bin/bash

> Now your administrator != root anymore and you cannt manage the
> server correctly anymore as user Administrator.

You can, provided you have a user.map in smb.conf

Rowland



More information about the samba mailing list