[Samba] SMB share access for machines which are not joined to the domain?
Goetz, Patrick G
pgoetz at math.utexas.edu
Tue Jun 25 20:11:09 UTC 2019
On 6/25/19 12:56 PM, Rowland penny via samba wrote:
>> C:\Users\cns-dbr2717>net use * \\cns-bio-krak1.austin.utexas.edu\emtifs
>> /user:austin.utexas.edu\dbr2717
>> System error 1311 has occurred.
>>
<snip>
>
> First, what part of 'Red-hat doesn't support the use of sssd with Samba'
> do you not understand ? ;-)
>
Hmmm, "support" and "works" are 2 different things. We do have Samba
4.8.3 working fine with sssd.
> You cannot run sssd and winbind on the same machine.
>
I don't understand why that would be, though. This person appears to
have it working, providing this comment:
"Please check the list archive for config examples. The main idea is to
add idmap_sss to the Samba configuration to make sure winbind and SSSD
use the same id-mapping, see man idmap_sss for details as well." The
very existence of idmap_sss calls the validity of your statement into
question, doesn't it?
This URL includes an example, but -- disclaimer -- we were not able to
get this working with the packaged versions shipped with CentOS 7.6.1810
https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahosted.org/thread/U66MEJBMXVJWJVCBORS2KBP7BIAGZ57H/
>
> If you are running Samba >= 4.8.0 on an Unix domain member, you must run
> winbind.
See above; we have a fully functionally smbd from 4.8.3 running without
winbind.
>
> The problem with using user from an unjoined machine is probably the
> username. Every computer running Windows or Samba is a member of a
> workgroup unless it is joined to a domain. This means that it will be
> sending WORKGROUP\username and a domain member will be expecting
> DOMAIN\username, so try connecting as DOMAIN\username.
>
But isn't DOMAIN\username exactly what I'm doing in the example provided
at the top of this message?
> Rowland
>
>
>
More information about the samba
mailing list