[Samba] a lot of nonbody session with same pid

Rowland penny rpenny at samba.org
Mon Apr 19 14:28:25 UTC 2021

On 19/04/2021 14:44, Alberto Maria Fiaschi wrote:
> I not use acl.
> i just want to use valid user and write list. I want to stick to a purely textual configuration
> User can read and write
> User are in group uosi_vpn_rw -
> Force user are only at level of unix process ... all files are 777 mode .
> If user  connect from pc in ad  non nobody session are created. but the force usere option is still present.
> the workgroups have different names.
> all clients will be with the time passed to ad. but it cannot be done immediately. this is not the correct behavior of the program

You wrote: I make a test machine. The sever is member of AD domain

This means that your users should be in AD, yet your ID's are, to put it 
bluntly, totally incorrect your ranges are just wrong.

Your AD will have a SID in the format:


If you have other Window or Samba machines that are not in the domain, 
then they will have similar SID's, but the 
'1234567890-1234567890-1234567890' parts will be different, so even if 
the user exists in all the workgroups and domain with the same 
uidNumber, the users will all be different users, also you will not be 
able to use 'winbind user default domain = yes' and you will have to use 
trusts and extra 'idmap config DOMAIN :' lines.

Now we move to this line you have in the global part of your smb.conf:

vfs objects = acl_xattr

You cannot use 'valid users' with that line

More information about the samba mailing list