[Samba] When ad domain machine shutdown, samba can not auth with unix local user
Rowland Penny
rpenny at samba.org
Thu Mar 7 11:31:28 UTC 2019
On Thu, 7 Mar 2019 18:58:41 +0800
谷雷 <guleicarter at gmail.com> wrote:
> Hi,
>
> My smb.conf as below, my ad domain name is HIKAD1.
>
> [global]
> browseable = no
> guest ok = no
> security = ADS
> map to guest = bad user
> # disable printers
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
> encrypt passwords = yes
> winbind enum groups = yes
> winbind enum users = yes
> #acl check permissions = no
> #acl map full control = no
> create mask = 0775
> force create mode = 0775
> winbind use default domain = no
> winbind offline logon = false
> winbind nss info = template
> winbind cache time = 60
> template shell = /sbin/nologin
> template homedir = /var/naslocalhome
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config HIKAD1 : backend = rid
> idmap config HIKAD1 : range = 100000-999999
> realm = HIKAD1.COM <http://hikad1.com/>
> workgroup = HIKAD1
> netbios name = numb2
>
> [gltest]
> comment =
> path = /hdcfs/gltest
> public = no
> writable = no
> valid users = "HIKAD1\aduser",gluser
> write list = "HIKAD1\aduser",gluser
> directory mask = 0755
Try changing 'winbind offline logon = false' to 'winbind offline
logon = yes'
This will cache your logon credentials.
I also hope by 'unix local user' that you mean an AD user that has
become a local user via Samba and not a user that exists in /etc/passwd.
Rowland
More information about the samba
mailing list