[Samba] a lot of nonbody session with same pid
Rowland penny
rpenny at samba.org
Mon Apr 19 09:01:42 UTC 2021
On 19/04/2021 09:16, Alberto Maria Fiaschi wrote:
> I make a test machine. The sever is member of AD domain (config at he end of these mail).
> The behavior is identical. The PCs that are in workgroups generate many sessions with the nobody user, especially when they open excell files or run some program.
> The server SO is Ubuntu 20.04.2 LTS with samba ver 4.11.6-Ubuntu .
>
On top of what Louis has said, lets look at your share:
[TEST2]
comment = Cartella documenti TEST
path = /sambatest/shares/Uosi/groups/TEST2
valid users = @uosi_vpn_ro, at uosi_vpn_rw
write list = @uosi_vpn_rw
force user = nobody
force group = uosi_quota
You are not using the Samba guest user 'nobody' but you are forcing all
the created files & directories to belong to 'nobody' with the group
'uosi_quota'. the only users that can connect to the share are members
of the 'uosi_vpn_ro' & 'uosi_vpn_rw' groups, but, as the share is read
only, only members of the 'uosi_vpn_rw' can write to the share. However,
because everything ends up with 'nobody:uosi_quota' ownership, no one
will be able to read anything.
Can I suggest you do two things, read this wikipage:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
And then set the share permissions from Windows by following this wikipage:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
There is also a problem with using a workgroup machine in an AD domain,
even if the workgroup user has the same name as a domain user, it will
be unknown to the domain. I personally would suggest you join any
workgroup machines to the AD domain, that way, all users are domain users.
Rowland
More information about the samba
mailing list