I’ve a process which runs as its own local user. I’d like to give it the right to write into an ibay (Samba share) but that one is owned by a a group managed by nethserver (AD).
Is it possible to add a local user to an AD group ?
Please note that isn’t a permanent setting: if you made some modification to ibay via dashboard, you then have to give the command described above again
Quite easy. I created a transmission service account into NS. Had to give him Domain Admin rights. I also added it to a group that has rights to access the SAMBA share.
Then I edited the the systemd transmission-daemon.service file and changed the user from transmission to transmission@mydomain.tld
Lastly I discovered that the home directory had changed and that I needed to copy the file settings.json from the old home folder /var/lib/transmission/.config/transmission-daemon/ to /var/lib/nethserver/home/transmission/.config/transmission-daemon/
After that everything worked as I wished : The process may now write directly into the Samba share and I’m able to manipulate files from a client through the SMB interface. The main reason is that I need the files to stay on the server for my plex media server instance. I similarly created a plex@domain.tld account that has the same rights so that both processes can access the samba shared folder where plex’s library is stored.
thanks @saitobenkei clever but as you probably understood I needed a permanent solution
@davidep clever as well, if not elegant However I believe my solution is better since it uses standard NS functions (easier to maintain and backup / restore).
You’re completely right of course However I was wrong : I just checked and the user belongs only to the “multimedia” group I created for plex and transmission.