[Samba] username map with “security = ads”

Philipp Gesang philipp.gesang at intra2net.com
Thu May 2 09:59:45 UTC 2019

Hey guys,

on a machine with the role “member server”, joining AD requires
setting “security = ads”. Access to shares using local users set
up through smbpasswd requires “security = user”. As I understand
the man page, these are mutually exclusive. Now our use case
requires for the machine to be joined but also grant access to
shares to local users. Share access for domain users is not
desirable as clients are mostly automated remote services that
needn’t be AD aware.

I guess handing net a different smb.conf to perform the join is
the obvious quick'n'dirty fix. I’m wondering though if there is a
parameter that would make this unnecessary.

Thank you,

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20190502/503af185/signature.sig>

More information about the samba mailing list