On 6/6/05, Robert Schuettler <[EMAIL PROTECTED]> wrote: > Hi everyone, > > is it possible to have a Samba server without creating local accounts > for users on that server? > > Share level security doesn't count though. ;-) The idea is not to need > to create and update users on the Samba server itself (i.e. no local > users, no entries in /etc/passwd, etc). > > The documentation says something about Domain and ADS level security > being basically just forms of user level security, so - for the moment- > it looks to me as if there's no way around creating those local users. > Is that correct?
Not quite, but you can save a few steps if you have some easy & dynamic way to create & maintain the local users. We do linux auth against ADS with a combination of winbind, kerberos, pam_mkhomedir (to auto make the home dir), and pam_mount (to mount/unmount the shares automatically without the user needing root access, and no prior modifications to fstab). With that we have what you want, but it was pretty hard to set up. (I didn't do it--it was our genius network admin doing a ton of reading and a lot of trial and error. But we're not the only ones who've done it.) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba