Web lists-archives.com

Re: [Samba] Authenticating AD users and Local users

Thank you for replying!
I can login with my Active Directory credentials, but I can’t login using the local CentOS “svc_dictations” account.
I created the local account usingusing “adduser”, “smbpasswd”, and then updating my smb.conf file (below).

Thank you,


   workgroup = YALE
   password server = ad1.yu.yale.edu<http://ad1.yu.yale.edu> ad2.yu.yale.edu<http://ad2.yu.yale.edu>
   realm = YU.YALE.EDU<http://YU.YALE.EDU>
   security = ads
   idmap config * : range = 16777216-33554431
   template shell = /sbin/nologin
   kerberos method = system keytab
   winbind use default domain = true
   winbind offline logon = true

idmap config YU:schema_mode = rfc2307
idmap config YU:range = 100000-199999
idmap config YU:backend = rid
idmap config * : range = 16777216-33554431
idmap * : backend = tbd
dedicated keytab file = /etc/krb5.keytab
log level = 4
guest account = nobody
guest ok = no
log file = /var/log/samba/log.%m

printing = cups
printcap name = cups
load printers = yes
cups options = raw
store dos attributes = yes
vfs objects = acl_xattr
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes

comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No

comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775

comment = testshare
path = /testshare
valid users = @pathology_its svc_dictations
writable = yes
read only = No

On Feb 16, 2019, at 3:33 AM, Rowland Penny via samba <samba@xxxxxxxxxxxxxxx<mailto:samba@xxxxxxxxxxxxxxx>> wrote:

On Fri, 15 Feb 2019 22:12:21 +0000
"Paquin, Brian via samba" <samba@xxxxxxxxxxxxxxx<mailto:samba@xxxxxxxxxxxxxxx>> wrote:

With a lot of help, I just got AD authentication working (Samba
4.8.3, CentOS 7.6, using Winbind). I then added a local account to a
share, but I can’t login. My smb.conf has “security = ads”, but I
can’t figure out how to use that AND authenticate local users.

How can I authenticate Active Directory AND local users?


How did you add the 'local' account to the share ?
Define 'login'

Please post your smb.conf (in the post, without commented lines)


To unsubscribe from this list go to the following URL and read the
instructions:  https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.samba.org%2Fmailman%2Foptions%2Fsamba&amp;data=02%7C01%7Cbrian.paquin%40yale.edu%7C5c6090ca9ebe4cc7add208d693e97e9d%7Cdd8cbebb21394df8b4114e3e87abeb5c%7C0%7C0%7C636859028488910148&amp;sdata=DnOCiIjUYJNCwv%2BKuKSUf4KHnjErBOL%2BlLTeQdyIDPU%3D&amp;reserved=0

[Yale Pathology Logo]
Brian Paquin
Help Desk Support Yale Pathology ITS
310 Cedar St. BML B50
New Haven, CT 06520

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba