Re: [Samba] Local user could not access share directory
- Date: Sat, 20 Jan 2018 09:40:39 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Local user could not access share directory
On Sat, 20 Jan 2018 17:22:32 +0800
Younger Liu <younger.liucn@xxxxxxxxx> wrote:
> 2018-01-19 18:11 GMT+08:00 Rowland Penny via samba
> > You are using the winbind 'ad' backend, have you added anything to
> > the users AD object (a uidNumber attribute for instance)
> > You also seem to saying that you have users with the same name
> > in /etc/passwd and AD, this is NOT allowed, the user should only be
> > in AD.
> Yes, the local users in /etc/passwd has the same name as in the
> I do not add anything to users AD object.
> If local users are not same to AD users, they could access the share
> Only local users which in /etc/passwd have same names in AD, local
> users (such as: testuser) could not access share directory, But AD
> users (such as: ENAS\testuser) could access share directory. Why?
> As you say, the same name in /etc/passwd and AD is not allowed. Why?
Because the local user will always be found first and the AD user
ignored. You do not need users in /etc/passwd on a Unix domain member,
you just make the AD user into Unix users by using the winbind 'ad'
backend and ADDING a unique uidNumber attribute to the user and a
gidNumber attribute to Domain Users, OR you can use the winbind 'rid'
backend and you do not need to add anything to AD.
It is all explained here:
To unsubscribe from this list go to the following URL and read the