[Samba] Berechtigung lokaler User auf Verzeichnis Samba-User gleichen Namens
Rowland Penny
rpenny at samba.org
Fri Apr 4 11:42:34 UTC 2025
On Fri, 04 Apr 2025 11:07:16 +0000
Fred Matthiesen via samba <samba at lists.samba.org> wrote:
> The same output for both:
>
> fred:x:1001:1001:Fred,,:/home/fred:/bin/bash
>
> here the smb.conf:
>
> # Global parameters
> [global]
> netbios name = DC1
> realm = MATLAB.LAN
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
> drepl, winbindd, ntp_signd, kcc, dnsupdate
> workgroup = MATLAN
What I didn't guess was that you are running Samba as an AD DC, using
Bind9 for the dns.
I was trying to show that if a user is not in /etc/passwd (yours is),
then it is still a 'local' user if the user is in AD and the OS is
configured correctly. If the username is in /etc/passwd, that user will
ALWAYS be the default user and the user in AD will be ignored.
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [netlogon]
> path = /var/lib/samba/sysvol/matlab.lan/scripts
> read only = No
>
> [homes]
> comment = Home Directories
> browsable = yes
> read only = no
> create mode = 0750
> valid users = %S
>
> [Public]
> path = /home/MATLAB/sambadaten
> browseable = yes
> read only = no
> # guest ok = yes
> guest ok = no
> # force user = nobody
> valid users = @smbuser g eine Freigabe mit chmod 0600
> force group = smbuser
> # create mask = 0660
> directory mask = 0770
Using a Samba AD DC as a fileserver isn't recommended, but if you do,
you have to set them up correctly, not like you have, I suggest you
read this:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
Rowland
More information about the samba
mailing list