[Samba] samba and domain local groups
Andrew Best
festivus at gmail.com
Wed Nov 3 01:12:31 GMT 2004
Quick question about Samba and Domain Local groups.
Ive got a Samba 3.0.7 server (redhat 8) as a domain member of a 2K
Domain in native mode. (security = domain).
Std Windows group mgmt says:
Users are members of Global Groups.
Global Groups are members of local groups
Local Groups control access to resources.
So ive got a Domain Local group I want to use to restrict access to a
samba share:
valid users = @"DL_FILE_iCABS_Server"
Problem is, when I browse the share from a 2K/XP PC im prompted for a
username and password.
log.winbind says:
[2004/11/02 15:59:36, 0] nsswitch/winbindd_group.c:winbindd_getgrent(795)
could not lookup domain group DL_FILE_iCABS_Server
[2004/11/02 15:59:36, 1] nsswitch/winbindd_group.c:fill_grent_mem(133)
could not lookup membership for group rid
S-1-5-21-1078081533-1682526488-725345543-1633 in domain
RENTOKILINITIAL (error: NT_STATUS_NO_SUCH_GROUP)
If I do a 'getent group' I see all the Global Groups but not the
Domain Local groups and an error similar to the one above is logged
for each Domain Local group.
So, am I missing something really basic here, ie Samba/Winbind doesnt
let me use Domain Local groups like this or is this a bug in
Samba/Winbind?
--
"If you wash lousy clothing at low temperatures, all you get is cleaner
lice" - Dr John Maunder
More information about the samba
mailing list