How do we configure Valid Users directive in smb.conf to user.map file to include non-zone enabled AD users to share a single AD account?
Basically, you need to add the "username map" directive and assign non-zone enabled AD users. Second, for Valid Users, add in the AD account to be shared by the group. Then, in the user.map file, add in the non-zone enabled AD users. You can follow the below sample to see how this works:
username map = /etc/samba/user.map (user.map file contains non-zone enabled AD users)
Valid Users = MyDomain\test1
in /etc/samba/user.map add:
MyDomain\test1 = MyDomain\test2 MyDomain\test3 MyDomain\test4
and finally add Domain Users into the zone. As always, after modifying the smb.conf file, you'd need to restart Centrify Samba. By utilizing samba tag "username map", it will allow even non-zone enabled user such as test2 to access samba-share via MyDomain\test1 account.