Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-1967: How to configure User.map file with non-zone enabled AD users for Samba

Centrify DirectControl ,   Centrify DirectControl Plugins ,  

26 July,17 at 06:11 PM

Applies to:  All versions of Centrify-enabled Samba on all OS platforms

Question:
How do we configure Valid Users directive in smb.conf to user.map file to include non-zone enabled AD users to share a single AD account?

Answer:
Basically, you need to add the "username map" directive and assign non-zone enabled AD users.  Second, for Valid Users, add in the AD account to be shared by the group.  Then, in the user.map file, add in the non-zone enabled AD users.  You can follow the below sample to see how this works:

username map = /etc/samba/user.map (user.map file contains non-zone enabled AD users)
 

[samba-share]

Valid Users = MyDomain\test1

in /etc/samba/user.map add:

MyDomain\test1 = MyDomain\test2 MyDomain\test3 MyDomain\test4

and finally add Domain Users into the zone.  As always, after modifying the smb.conf file, you'd need to restart Centrify Samba.  By utilizing samba tag "username map", it will allow even non-zone enabled user such as test2 to access samba-share via MyDomain\test1 account.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.