[Samba] administrator on a samba file server
Rowland penny
rpenny at samba.org
Tue Nov 5 13:34:20 UTC 2019
On 05/11/2019 12:50, Frédéric Goudal via samba wrote:
> Hello,
>
> I have the following problem and I don’t find any documentation :
>
> I have an Active Directory domain.
> I have setup a samba server, that I want to use as a file server.
> The samba server has joined the domain, I use winbind and when I do a getent passwd <user> I have the correct informations for « standard » users.
> I use the uidNumber active directory attribute to the the uid of the user, this is working.
>
> What I want to do is to copy files from a windows file server to the new samba server without losing the acl on the files.
>
> To do that I guess I should use the domain administrator login to connect from the windows server to the samba server and than copy the files.
> But I can’t find any informations on how to connect as a domain administrator on the samba file server, and I guess the uid of the administrator should be 0 on the samba file server.
>
> I guess it’s a common problem, but I’m a bit lost.
By default on a Samba AD DC, Administrator is mapped to the Unix user
'root' in idmap.ldb
To get the same mapping on a Unix domain member, you need to add
something like this to smb.conf:
username map = /etc/samba/user.map
and create /etc/samba/user.map containing this:
!root = DOMAIN\Administrator
Where 'DOMAIN' is your workgroup name in uppercase.
You will need to set up the shares correctly, see here:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
You will also need to set up your smb.conf correctly, so it will
probably help if you post your present one.
Rowland
More information about the samba
mailing list