[Samba] SAMBA using existing users and passwords on Linux

[Fernando Gonçalves]

Hello everyone.
I'm back because I decided to follow your advice and deploy the system
using a new version of SAMBA with encrypted passwords.
I added the SAMBA server in the AD domain without any problems and I am
already accessing the shares with AD users.
However I have a new problem for which I need help.
When I try to access SAMBA shares with local Linux users, it is necessary
to include the name of the Linux server when passing the local user.
For example if I try to access like this, it doesn't work, it gives an
invalid user error

net use \\host\share /U:localuser

To work the command must be like this:

net use \\host\share /U:host\localuser

What it seems to me is that SAMBA does not authenticate on the local
machine, only in AD.
Is there a way to get SAMBA to authenticate to AD and on the local machine?

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Livre
de vírus. www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

Em qui., 4 de jun. de 2020 às 10:26, mathias dufresne via samba <
samba at lists.samba.org> escreveu:

> Hi Fernando,
>
> What kind of system are using your Samba's clients?
>
> If they are using Windows systems joined to AD, you can join your Samba
> server into AD too. Then your users will be able to use Kerberos (ie SSO)
> to authenticate against your Samba server.
>
> Your Samba system users could be local (in /etc/passwd) or coming from AD
> (using winbindd).
> If system users are in /etc/passwd, they would have to have the same name
> as on the client system or you will have to add some username mapping (see
> "username map" option).
>
> Perhaps all that blabla is out of subject, perhaps it will help, I do hope
> it will ; )
>
> Cheers,
>
> mathias
>
> Le jeu. 4 juin 2020 à 08:45, Rowland penny via samba <
> samba at lists.samba.org>
> a écrit :
>
> > On 03/06/2020 22:41, Fernando Gonçalves via samba wrote:
> > > So that it doesn't end without a conclusion I will inform you what has
> > been
> > > accomplished.
> > > As our time was short to complete the migration I decided to install
> the
> > > same version of SAMBA that was already running on the old machine
> > (3.6.6).
> > > After the migration is complete, I will have more time to update the
> > SAMBA
> > > and insert it into our AD domain, thus changing the entire login and
> > > mapping system.
> > > I am very grateful to everyone who responded and helped me in this
> > decision
> > > making.
> > > I wish everyone health.
> >
> > I cannot help but think that was a BAD decision, Samba 3.6.6 is totally
> > unsupported and is very insecure, ever heard of 'wanacry' ?
> >
> > If you must use it, then can I urge you to not connect your network to
> > the internet in any way.
> >
> > I cannot stop you using 3.6.6, it is your network and you control it,
> > but you also get to pick up the pieces when it goes wrong.
> >
> > One last thought, do the people who run your AD know you are doing this
> > very insecure thing ?
> >
> > Rowland
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>