[Samba] interpret non-domain users as domain users?

Christian chanlists at googlemail.com
Thu May 2 00:07:41 UTC 2019

Dear list,

when I connect to a samba AD member server from a windows 10 client not
joined to the domain, it appears that I always have to connect as
DOMAIN\USER. Is it possible to configure samba such that it always
interprets the USER part as being the account name of the one domain
that is configured, and to discard the DOMAIN part supplied by the
client? This may be a dumb question, but thanks for any hints... Cheers,


PS: Here is the smb.conf on the member server:

        bind interfaces only = Yes
        interfaces = lo eth0
        realm = XXX.XXX.XXX
        workgroup = XXX
        netbios aliases = wpkg
        winbind expand groups = 2
        security = ADS
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        winbind nss info = ad
        winbind refresh tickets = yes
        idmap config * : backend = tdb
        idmap config * : range = 3000 - 7999
        idmap config IQO:backend = ad
        idmap config IQO:schema_mode = rfc2307
        idmap config IQO:range = 10000 - 999999
        idmap config IQO:unix_nss_info = yes
        map acl inherit = yes
        store dos attributes = yes
        vfs objects = acl_xattr

(using debian stretch and Louis' 4.8.10 packages)

More information about the samba mailing list