[Samba] Should I be able to access shares w/o authenticating again?

Rowland Penny rpenny at samba.org
Sat Nov 19 19:37:21 UTC 2022

On 19/11/2022 19:22, Rob Campbell via samba wrote:

>> I did this 

You did what ?

> and now I am able to log in using domain credentials w/o having
> to do 'user at domain' or 'domain\user' but that seems to have disabled the
> ability to log in using a local user (on the dc only)

I think I have already said this, but just in case I didn't, you cannot 
have a local Unix user called by the same username as an AD user. You 
make the AD become a Unix user.

> Nov 19 14:15:12 DC01 kernel: audit: type=1400 audit(1668885312.805:1770):
> apparmor="ALLOWED" operation="open"
> profile="/usr/sbin/sssd//null-/usr/libexec/sssd/sssd_nss"

Ah, well, that's me out of this thread, my opinion of sssd is well 
known, I do not see the point to it in an AD domain.


More information about the samba mailing list