[Samba] login without domain\username

ERIC PEYREMORTE eric.peyremorte at univ-grenoble-alpes.fr
Tue Feb 2 16:35:32 UTC 2021

De: "sambalist" <samba at lists.samba.org> 
À: "sambalist" <samba at lists.samba.org> 
Envoyé: Mardi 2 Février 2021 17:27:12 
Objet: Re: [Samba] login without domain\username 

On 02/02/2021 15:25, ERIC PEYREMORTE wrote: 
> Hi, 
> I didn't miss, just thought it wasn't useful as the option didn't seem 
> to be what i was searching for ;-) 
> Here is my smb.conf (it's minimalistic for now because just in test 
> right now) 
> [global] 
> workgroup = IUTV 
> realm = AD.IUT-VALENCE.FR 
> security = ADS 
> idmap config IUTV:backend = ad 
> idmap config IUTV:schema_mode = rfc2307 
> idmap config IUTV:range = 200-40000 

OK, have you added any uidNumber & gidNumber attributes to AD ? 

If you have, are they inside the 200-40000 range ? 

Also, does the Domain Users group have a gidNumber inside that range ? 

>> Yes they have uidNumber and gidNumber in the good range and domain users have a gidNumber in the range. 

Why 200-40000 ? Do you not have any local users ? 

>> We have some old groups i couldn't see because they were created with a too low range. I plan to move them because they should be in such low ranges. 

>> But everything is working if i connect to a share with IUTV\login. It's just if i was searching a way to remove the domain prefix, but it doesn't seem to be possible. 

> [guest] 
> path = /tmp 
> read only = no 
> guest ok = no 

Interesting name for a share that doesn't allow guest access. 

>> Haha, yes i know i did a lot of tests to check my winbind conf was working, but didn't configure le shares completely yet 


To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 

More information about the samba mailing list