[Samba] Problem connecting Samba and Windows Active Directory

Luca Bertoncello L.Bertoncello at queo-group.com
Wed Aug 25 12:55:33 UTC 2021

Getent passwd shows only local users. No AD-users at all... ☹

The Users in AD don't have a uidNumber and don't have "Domain Users" as Group (we use another Group as primary one).


-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland Penny via samba
Gesendet: Mittwoch, 25. August 2021 14:45
An: samba at lists.samba.org
Betreff: Re: [Samba] Problem connecting Samba and Windows Active Directory

On Wed, 2021-08-25 at 12:34 +0000, Luca Bertoncello via samba wrote:
> OK, it seems to work... at least the join...
> Wbinfo -u give me now the users, but I cannot log in...
> In the log file I see:
> [2021/08/25 14:33:27.511190,  1]
> ../../source3/smbd/service.c:353(create_connection_session_info)
>   create_connection_session_info: guest user (from session setup) not 
> permitted to access this share (queo.communication)
> [2021/08/25 14:33:27.511318,  1]
> ../../source3/smbd/service.c:543(make_connection_snum)
>   create_connection_session_info failed: NT_STATUS_ACCESS_DENIED

Does 'getent passwd A_KNOWN_USERNAME' produce output ?

Your smb.conf uses the 'ad' winbind backend, so do your users have a uidNumber attribute and does 'Domain Users' have a gidNumber attribute ? 
If so, are they all in side the '200000-1000200000' range you set in your smb.conf ?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list