this may be an easy one for the samba pros out there:
I have an archlinux box up and running as an samba 4 AD which works as expected. I want to add an user to the samba which lead me to 2 different solutions:
- Creating a samba only user with
samba-tool user add USERNAME
- Creating a samba user from a unix user using
smbpasswd -a <username>
I tried it both ways but the user created has a different user id (generic/numeric username) and doesn't match the unix user, which leads to complications concerning the file permissions.
Is there a way to create "matching" user? Or am I totally missing the point?
Best Answer
Yes, Samba users and Linux users are distinguishable.
Linux user are authenticated through PAM. File is something like
/etc/pam.d/login
or/etc/pam.d/system-auth
depending upon your distribution.Instead, samba users are authenticated following the
winbind
deamon. There are authenticated against the domain which can be read in/etc/smb/samba.conf
. If a user is authenticated by samba and that such Unix user exists, it is mapped to this user else to nobody by default.To acceess to a file a user must be mapped to a user which have access to the file and also have access to the shared file in Samba. There is two layers of security.
May also be usefull https://ubuntuforums.org/showthread.php?t=1949199