[Samba] domain-free multi-user use cases

Patrick Goetz pgoetz at math.utexas.edu
Wed Oct 27 15:30:34 UTC 2021 


On 10/26/21 08:34, Kees van Vloten via samba wrote:
> On 26-10-2021 15:12, L.P.H. van Belle via samba wrote:
>>>> Thats what i think but i might not gotten the big picture yet here.
>>> This was the OP first post:
>>>
>>> https://www.spinics.net/lists/samba/msg170503.html
>>>
>>> It might help to understand.
>>>
>> Ah,, thats all..
>>
>> So
>>> I have a Linux server, and a NAS device from Synology. Both systems
>>> have matching sets of user names.
>> You must have matching usernames AND passwords AND UID/GIDS on both 
>> devices at least..
>> And LDAP/AD-DC helps here on that part.
> 
> What I remember from this whole series of posts is that indeed the 
> usernames are matching but UIDs/GIDs are not. That is why NFS does not 
> do the trick. Since Samba does not need Linux UIDs/GIDs as it can do 
> idmapping it could potentially bypass the UID/GID issue.
> 


NFSv4 does allow you to do local identity mapping, but it apparently 
doesn't respect permissions/ACLs, so I'm not sure what the point is. 
(Apparently because I've never tried to use this feature.)



> With AD (kerberos) you could do a multi-user mount as root with a keytab 
> (similar to NFS) and then use the permissions on the share to determine 
> which user can do what and use Samba's idmapping.
> 
> My feeling is that the goal is close to this scenario but without 
> AD/kerberos.
> 
> - Kees
> 
>>
>> >From the server, I create a mount through the following command:
>> $ sudo mount.cifs //diskstation/usr /mnt 
>> -ouser=master,multiuser,setuids,idsfromsid
>>
>> I'll assume ..  Mounting /usr ? /mnt
>>
>> This is the user home //diskstation/usr  ( and better use 
>> //FQ.DN.diskstation/usr )
>> /mnt/folder, better dont mess with the first folders /mnt
>> always create a new folder there and use that one.
>>
>>> How may I achieve the desired mapping of ownership and permissions,
>>> based on user name?
>>
>> I personaly dont use mount.cifs.
>> So i cant tell much on that but i have seen very nice example here on 
>> the samba list.
>>
>> My large mail text crashed and .. Didnt save it ..
>> Sight..
>>
>> But maybe soon i'll be using..
>> https://www.windowsfx.org/
>> :-) the time to leave windows desktops getting closer..
>> Collega already installed and testing it. (its ubuntu + kde as base)
>>
>>
>> Greetz,
>>
>> Louis
>>
>>
>>
> 
>

More information about the samba mailing list