[Samba] login without domain\username
Rowland penny
rpenny at samba.org
Tue Feb 2 16:50:03 UTC 2021
On 02/02/2021 16:35, ERIC PEYREMORTE wrote:
>
> ------------------------------------------------------------------------
> *De: *"sambalist" <samba at lists.samba.org>
> *À: *"sambalist" <samba at lists.samba.org>
> *Envoyé: *Mardi 2 Février 2021 17:27:12
> *Objet: *Re: [Samba] login without domain\username
>
> On 02/02/2021 15:25, ERIC PEYREMORTE wrote:
> > Hi,
> >
> > I didn't miss, just thought it wasn't useful as the option didn't seem
> > to be what i was searching for ;-)
> >
> > Here is my smb.conf (it's minimalistic for now because just in test
> > right now)
> >
> > [global]
> > workgroup = IUTV
> > realm = AD.IUT-VALENCE.FR
> > security = ADS
> > idmap config IUTV:backend = ad
> > idmap config IUTV:schema_mode = rfc2307
> > idmap config IUTV:range = 200-40000
>
>
> OK, have you added any uidNumber & gidNumber attributes to AD ?
>
> If you have, are they inside the 200-40000 range ?
>
> Also, does the Domain Users group have a gidNumber inside that range ?
>
> >> Yes they have uidNumber and gidNumber in the good range and domain
> users have a gidNumber in the range.
>
> Why 200-40000 ? Do you not have any local users ?
>
> >> We have some old groups i couldn't see because they were created
> with a too low range. I plan to move them because they should be in
> such low ranges.
>
> >> But everything is working if i connect to a share with IUTV\login.
> It's just if i was searching a way to remove the domain prefix, but it
> doesn't seem to be possible.
That's just it, it is possible:
rowland at devstation:~$ getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
That is on the Linux computer I am typing this on.
To be honest, I expected you to post a smb.conf from a Samba DC, where
it isn't possible to remove the DOMAIN
Rowland
More information about the samba
mailing list