samba - Feb 2012 - Samba w/AD auth on AIX, w/o local users

Hi all,

 

I have Sabma v3.6.0 installed on an AIX 6.1 machine (oslevel
6100-07-02).  The packages come courtesy of Bill Jojo's pware repository
(thanks, Bill!  Was going insane trying to satisfy dependencies...).

 

I have joined the host to the AD domain and can authenticate myself
against Windows 2008 AD (using AD group memberships, as defined in
smb.conf per share), but users who want access to the shares cannot do
so unless they have a local account on the AIX host.

 

Now, I was pretty sure this was possible, but some extensive searching
has netted results that are ambiguous at best.  I'm OK with creating
local accounts with /bin/false as their default shells, but I would much
prefer to have no local footprint for users connecting to shares (it's
an audit hot-topic).

 

Can this be done with this version of Samba?  If so, I will gladly post
my smb.conf, perhaps I'm missing a key directive...

 

Thanks in advance for any and all help!

Steve

 


This message and any attachments are intended only for the use of the addressee
and may contain information that is privileged and confidential. If the reader
of the message is not the intended recipient or an authorized representative of
the intended recipient, you are hereby notified that any dissemination of this
communication is strictly prohibited. If you have received this communication in
error, please notify us immediately by e-mail and delete the message and any
attachments from your system.