On Thu, 2021-06-24 at 04:46 -0400, Eric Levy via samba
wrote:> On Thu, 2021-06-24 at 09:36 +0100, Rowland Penny via samba wrote:
> > On Wed, 2021-06-23 at 20:39 -0400, Eric Levy via samba wrote:
> > > Are you able to provide any details or references on what
> > > configuration
> > > is needed in Winbind, or what specific tests are helpful in
> > > wbinfo?
> > >
> > > In case it clarifies any misunderstanding, there is no domain
> > > server
> > > or
> > > any similar component or node. There are just two endpoints, a
> > > NAS
> > > and
> > > a server (which will mount the NAS share). User names are the
> > > same
> > > on
> > > both systems. That is, user name "johndo123" on the
server should
> > > have
> > > the same permissions for shared files as "johndo123" on
the NAS,
> > > because of string identity. Currently, there is no authority to
> > > validate that both names are the same user.
> >
> > If there are no Domain Controllers, then you cannot use winbind and
> > whilst there might be users with the same name on each endpoint,
> > they
> > are not the same user.
> >
> > You could try creating a usermap to map users from one endpoint to
> > another.
> >
> > Rowland
>
> Following this suggestion would require making changes to smb.conf on
> the NAS, right (e.g. setting the idmap backend to nss)? Is any option
> available not involving such changes?
>
If there is no Domain Controller, the NAS should be running as a
standalone server and shouldn't have any 'idmap config' lines.
I think it might be a good idea if you posted your smb.conf files.
rowland