[Samba] Samba 4.10.6-1 Configuration on AIX
Rowland penny
rpenny at samba.org
Fri Feb 7 17:44:31 UTC 2020
On 07/02/2020 16:26, Bob Wyatt wrote:
> Rowland,
>
> Thanks for everything!
>
> If I understand correctly, let's say that the user mydomain\bobw is the domain login.
> Let's say that bobw is my UNIX login ID.
If 'bobw' is in /etc/passwd and there is also a user in AD with the
samaccountname 'bobw', then delete the one in /etc/passwd. You cannot
have the same username in /etc/passwd and AD. If you add 'winbind use
default domain = yes' to your smb.conf, then 'mydomain\bobw' will become
just 'bobw'. For example, my record is in AD:
getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
> I can’t use bobw in my usermap file?
> '!bobw=mydomain\bobw'
> So I need to change my shares to a new ID and set that in my usermap file?
> '!bobw_smb=mydomain\bobw'
You do not use usermaps any more, except for Administrator and yes, you
may have to chown file ownership. There is a way around this though, but
only if you have access to a domain DC, you give your users a uidNumber
attribute and Domain Users a gidNumber attribute and then use the
winbind 'ad' backend instead of 'rid'. You could use the IDs your users
already have, if you want to go down this path, we can discuss this further.
>
> I don’t need to add bobw_smb to /etc/passwd?
Definitely not, as you have seen, Unix knows who I am, but 'cat
/etc/passwd | grep rowland' returns nothing
> Or do I need to add the user and need to set idmap user range to a range to be used for samba users?
Changing the idmap range would only be of use if the winbind 'ad'
backend is used, the 'rid' backend calculates the ID from the user or
groups RID.
>
> Anything else I may be missing?
Possibly, but I do not do mind reading ;-)
Rowland
More information about the samba
mailing list