[Samba] domain users in local groups with Winbind/Samba/Redhat
mrutzki at gmx.de
mrutzki at gmx.de
Fri Feb 14 17:32:33 GMT 2003
Am 14 Feb 2003 um 15:52 hat Buchan Milne geschrieben:
> > Date: Fri, 14 Feb 2003 11:37:53 +0100 (MET)
> > From: Matthias Rutzki <mrutzki at gmx.de>
> > To: samba at lists.samba.org
> > Subject: [Samba] domain users in local groups with Winbind/Samba/Redhat
> > Message-ID: <11937.1045219073 at www64.gmx.net>
> > Content-Type: text/plain; charset="iso-8859-1"
> > MIME-Version: 1.0
> > Content-Transfer-Encoding: 8bit
> > Precedence: list
> > Message: 8
> >
> > Hi,
> >
> > I am running a Samba 2.2.7a on Redhat 7.3 in a NT domain. For authentication
> > I am using the domainusers.This is done by Winbind 2.2.7a which verifies the
> > existens of the users on the PDC. So I dont't have to create local users
> > (/etc/passwd) for users who want to connect to the shares in the smb.conf.
> > I authorise them by adding valid users = domain+domainuser to the smb.conf.
> > This works very well.
> > Now my problem:
> > By writing valid users = @localgroup or +localgroup
> > I can authorise local groups (/etc/group) to connect to the shares.
> > Now I want to add the domainusers to some local groups.Putting the
> > domainusers in groups should save much time because otherwise I have to add each
> > domainuser for every share seperatly.
> > E.g. valid users = domain1+domainuser domain2+domainuser2....
> > I have tried it with: usermod -g localgroup domain+domainuser
> > which ends in this message: usermod: domain+domainuser not found /etc/passwd
> > I know this is message is right because there is no domainuser in
> > /etc/passwd. But how can I assort the domainusers?
> > Is there a way to use groups of domainusers who are verified by winbind in
> > the smb.conf?
> >
>
> valid users = @localgroup @'Domain1+group1'
>
My experiences with Samba in domains are not very big. So, what does 'Domain1+group1'
mean?
Domain1 = any Domain in my Network or the Domain which Samba has joined?
group1 = any group that exists in Domain1?
But thank you for your answer.It seems that this kind problem is poorly documented...
More information about the samba
mailing list