[Samba] SAMBA using existing users and passwords on Linux
Fernando Gonçalves
fernandolmg at gmail.com
Wed Jun 24 14:13:03 UTC 2020
Hello people.
I have a new problem with my system.
I am required to list the valid users both in the smb.conf file and in the
computer management of the linux server.
How do I have only one configuration point where I can include the users
that I want to have access to SAMBA shares?
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Livre
de vírus. www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
Em seg., 22 de jun. de 2020 às 11:57, Fernando Gonçalves <
fernandolmg at gmail.com> escreveu:
> Oops, wrong language ;D
>
> Okay Rowland.
> Thank you very much for this help.
> To the next.
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Livre
> de vírus. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
> <#m_-8625535769794915558_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> Em seg., 22 de jun. de 2020 às 11:55, Fernando Gonçalves <
> fernandolmg at gmail.com> escreveu:
>
>> Ok Rowland.
>> Muito obrigado por mais essa ajuda.
>> Até a próxima.
>>
>>
>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Livre
>> de vírus. www.avast.com
>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>.
>>
>> <#m_-8625535769794915558_m_-6496541906621750012_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>>
>> Em seg., 22 de jun. de 2020 às 10:14, Rowland penny via samba <
>> samba at lists.samba.org> escreveu:
>>
>>> On 22/06/2020 14:00, Fernando Gonçalves wrote:
>>> > Good morning Rowland.
>>> >
>>> > As you may have noticed, I am no expert in deploying SAMBA in an AD
>>> > domain.
>>> > Could you give me a link with a tutorial that explains in a simple way
>>> > the procedure for this?
>>>
>>> You could start here:
>>>
>>> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>>>
>>> >
>>> > Just to not leave without a return I executed the following commands:
>>> >
>>> > # getent group TJSC\users
>>> > #
>>> > Nothing came back.
>>> It shouldn't, not even on a Samba AD DC
>>> >
>>> > # getent group TJSC users
>>> > users: x: 100:
>>> > This group "users" is local to the linux server (it is in /etc/passwd)
>>> > and does not exist in the AD domain.
>>>
>>> Ah, yes it does, just not where you expect it ;-)
>>>
>>> If you examine 'idmap.ldb' on a DC, you should find something like this:
>>>
>>> dn: CN=S-1-5-21-1768301897-3342589593-1064908849-513
>>> cn: S-1-5-21-1768301897-3342589593-1064908849-513
>>> objectClass: sidMap
>>> objectSid: S-1-5-21-1768301897-3342589593-1064908849-513
>>> type: ID_TYPE_GID
>>> xidNumber: 100
>>> distinguishedName: CN=S-1-5-21-1768301897-3342589593-1064908849-513
>>>
>>> The '513' is the RID for Domain Users and the xidNumber maps it to to
>>> the local 'users' group.
>>>
>>> >
>>> > I can then conclude that my intention to use local users of the linux
>>> > server without having to specify the name of the linux server is not
>>> > possible, right?
>>>
>>> Correct, not possible and definitely not supported on a Samba AD DC (or
>>> any other Samba domain machine)
>>>
>>> Rowland
>>>
>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>
More information about the samba
mailing list