Hi thanks for your answer !
I already have the parameter, but from a windows client or even smbclient, the
username gets always prefixed by the machine name.
Wireshark capture :
And the winbind seems to work only when the "domain component" is
missing from the username :
from man smb.conf :
winbind use default domain :
"This parameter specifies whether the winbindd(8) daemon should operate on
users without domain component in their username."
Maybe what i want to do isn't possible ?
Cheers,
Eric
De: "sambalist" <samba at lists.samba.org>
?: "sambalist" <samba at lists.samba.org>
Envoy?: Mardi 2 F?vrier 2021 12:24:16
Objet: Re: [Samba] login without domain\username
On 02/02/2021 11:13, ERIC PEYREMORTE via samba wrote: > Hi all,
>
> I'm sure it's a newbie question but is it possible to allow users
on computers outside domain to connect to a share just with their login instead
of domain\login ?
>
> Ex: when a user using an off domain computer connects to \\srv-name\share,
he has to prefix its username with the domain (domain\user).
>
> In our previous setup with samba 3, on our domain member file server we
used that : map untrusted to domain = yes.
>
> Now we have an AD windows server 2019, several samba4 files servers and a
single domain.
>
> I can connect to the windows server with bogus\login or plain login, but it
doesn't work on file servers.
>
> I know i could use the UPN, but it was to make the transition easier to
users (non technical).
>
> If it's not possible, why isn't it ? Is it something with kerberos
of ntlm ?
>
> Cheers
Try adding 'winbind use default domain = yes' to the smb.conf files and
reload Samba with 'smbcontrol all reload-config'
If that doesn't work, please post your smb.conf
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba