smb.conf/params/username map

from HTYP, the free directory anyone can edit if they can prove to me that they're not a spambot
Jump to navigation Jump to search


This parameter specifies the name of the Samba usermap file, typically named /etc/samba/smbusers. See smbusers for details on the file's layout.

  • Default: username map = # no username map
  • Example: username map = /usr/local/samba/lib/

Version Sensitivity

Samba versions prior to 3.0.8 would only support reading the fully qualified username (e.g.: DOMAIN\user) from the username map when performing a kerberos login from a client. However, when looking up a map entry for a user authenticated by NTLM[SSP], only the login name would be used for matches. This resulted in inconsistent behavior sometimes even on the same server.

The following functionality is obeyed in version 3.0.8 and later:

  • When performing local authentication, the username map is applied to the login name before attempting to authenticate the connection.
  • When relying upon a external domain controller for validating authentication requests, smbd will apply the username map to the fully qualified username (i.e. DOMAIN\user) only after the user has been successfully authenticated.