[Samba] winbind use default domain = yes doesn't work on Samba 4.13?

Jiří Černý cerny at svmetal.cz
Mon Nov 23 11:46:04 UTC 2020

Hello, Rowland.
Yes, user presents in domain. I can't say if there is local account
with same name machine. The machine is CNC milling machine with some
linux/unix PC inside.
We can set only path to share and credentials and only via GUI. It's
hard to debug in this environment.

So I have only log.smbd on fileserver.

Before upgrade, log entries were:
[2020/09/29 05:43:26.537994,  2]
  check_ntlm_password:  authentication for user [dmu60evo] ->
[dmu60evo] -> [DOMAIN\dmu60evo] succeeded

After upgrade, with dmu60evo at DOMAIN:
[2020/11/23 05:39:22.764641,  2]
  check_ntlm_password:  authentication for user [dmu60evo at DOMAIN] ->
[dmu60evo at DOMAIN] -> [DOMAIN\dmu60evo] succeeded

I also tried DOMAIN\\dmu60evo with same results.

So it looks good. But doesn't work -> machine operator can't browse
files on the share.
Maybe it's just Fedora problem. I'll try to deploy CentOS fileserver
with sernet-samba packages and test with the same smb.conf.

>>> Rowland penny <rpenny at samba.org> 20.11.2020 15:34 >>>
On 20/11/2020 13:45, Jiří Černý via samba wrote:
> Yes.
> In the first name, I wrote DOMAIN, but our real workgroup is
> as you cas see in smb.conf.

OK, 4.13.2 with 'winbind use default domain = yes' works for myself and

there isn't anything really wrong with your smb.conf, but there was

So, we have user dmu60evo in our domain, but on client machine, we are
not able to use username in format DOMAIN\dmu60evo. So we have to use
winbind use default domain = yes.

Why can you not use 'DOMAIN\dmu60evo' ?
Is dmu60evo a local Unix user as well as being in AD ?


More information about the samba mailing list