[Samba] AD user not honouring local group membership

Gerald (Jerry) Carter jerry at samba.org
Thu Mar 11 14:46:06 GMT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ww m-pubsyssamba wrote:
| hello list,
|
|
| Without going into details I cannot currently use winbind
| for AD group data with Samba 3.0.x running on Solaris.
|
| I Would like to use winbindd for reading user accounts
| from AD and then have those AD accounts as members
| of local (LDAP eventually) groups.

This isn't supported currently since smbd takes some
shortcuts to get user groups when using winbindd.

You only alternative is to replicate the user and
group accounts into /etc/passwd and /etc/group and
manage them like standard UNIX accounts.

It would not be impossible to support mixing winbind users
and /etc/groups.  But it is non-trivial and any solution
would require a fair amount of testing to ensure that it
did not introduce regressions from soem of the other necessary
behavior.





cheers, jerry
- ----------------------------------------------------------------------
Hewlett-Packard            ------------------------- http://www.hp.com
SAMBA Team                 ---------------------- http://www.samba.org
GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song" --Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAUHuuIR7qMdg1EfYRApW+AJ0eGGnhX8g6SzbG3FEYXGZZUhp45gCdHm0U
QLN/14JOyobPQgjTr5IyrUE=
=oihK
-----END PGP SIGNATURE-----


More information about the samba mailing list