SAMBA: valid users ignores local samba user

I have a linux server (SLES12 SP5) in a Windows domain.

>smbd -V
Version 4.10.5-git.192.26ffbcd72313.11.1-SUSE-SLE_12-x86_64

Accessing samba shares with a domain user works very well.

Unfortunately I can’t access the share with a local samba user, if valid users is active.

>useradd -r -g tomcat test
>smbpasswd -a test
>systemctl restart smb.service

>getent passwd test
test:x:480:1002::/home/test:/bin/bash

smb.conf

[global]
    security = ADS
    realm = STL.BWL.NET
    workgroup = STL

    domain master = NO
    local master = NO
    preferred master = NO
    os level = 0

    template homedir = /home/%U
    template shell = /bin/bash
    kerberos method = secrets and keytab
    allow trusted domains = NO

    winbind enum users = YES
    winbind enum groups = YES
    winbind cache time = 10
    winbind use default domain = YES
    winbind refresh tickets = YES

    idmap config STL : backend = rid
    idmap config STL : range = 100000-400000

    idmap config * : backend = tdb
    idmap config * : range = 500000-800000

    ntlm auth = NO
    lanman auth = NO
    client use spnego = YES
    client ntlmv2 auth = YES
    encrypt passwords = YES
    restrict anonymous = 2
    usershare allow guests = NO

    printing = bsd
    printcap name = /dev/null

    map acl inherit = YES
    store dos attributes = YES
    ea support = YES

    public = NO
    browseable = YES
    writeable = YES
    guest ok = NO

    create mask = 0660
    directory mask = 0770

[web]
        path = /web
        valid users = @GRP_R13_QS STL1408

[tomcat]
        path = /web/tomcat
        valid users = test

Go to Source
Author: stalachristian