[Samba] login without domain\username

Roy Eastwood spindles7 at gmail.com
Tue Feb 2 15:05:56 UTC 2021 

As far as I am aware, if you are using a Windows machine NOT joined to the domain, you will have to provide the domain name regardless of the samba settings otherwise it will default to the machine name.

HTH
Roy

> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of ERIC PEYREMORTE via samba
> Sent: 02 February 2021 14:33
> To: Rowland penny <rpenny at samba.org>
> Cc: sambalist <samba at lists.samba.org>
> Subject: Re: [Samba] login without domain\username
> 
> Hi thanks for your answer !
> 
> I already have the parameter, but from a windows client or even smbclient, the username gets always prefixed by the machine name.
> 
> Wireshark capture :
> 
> 
> And the winbind seems to work only when the "domain component" is missing from the username :
> 
> from man smb.conf :
> winbind use default domain :
> "This parameter specifies whether the winbindd(8) daemon should operate on users without domain component in their username."
> 
> Maybe what i want to do isn't possible ?
> 
> Cheers,
> Eric
> 
> 
> De: "sambalist" <samba at lists.samba.org>
> À: "sambalist" <samba at lists.samba.org>
> Envoyé: Mardi 2 Février 2021 12:24:16
> Objet: Re: [Samba] login without domain\username
> 
> On 02/02/2021 11:13, ERIC PEYREMORTE via samba wrote:
> > Hi all,
> >
> > I'm sure it's a newbie question but is it possible to allow users on computers outside domain to connect to a share just with their
> login instead of domain\login ?
> >
> > Ex: when a user using an off domain computer connects to \\srv-name\share, he has to prefix its username with the domain
> (domain\user).
> >
> > In our previous setup with samba 3, on our domain member file server we used that : map untrusted to domain = yes.
> >
> > Now we have an AD windows server 2019, several samba4 files servers and a single domain.
> >
> > I can connect to the windows server with bogus\login or plain login, but it doesn't work on file servers.
> >
> > I know i could use the UPN, but it was to make the transition easier to users (non technical).
> >
> > If it's not possible, why isn't it ? Is it something with kerberos of ntlm ?
> >
> > Cheers
> 
> Try adding 'winbind use default domain = yes' to the smb.conf files and
> reload Samba with 'smbcontrol all reload-config'
> 
> If that doesn't work, please post your smb.conf
> 
> Rowland
> 
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list