[Samba] Adding a AD Group to a Unix user account
Adam Nielsen
adam.nielsen at uq.edu.au
Thu Sep 24 16:44:09 MDT 2009
> "usermod -g GID bobby" and it adds the group to the user account fine
> (GID being the actual number value not the name).
>
> but if i don't use -g it fails to work, I want to ADD the group "Domain
> Users" to "bobbys" account, so I tried:
>
> "usermod -a -G GID bobby" but it doesnt not appear to do anything...
Keep in mind that in AD you don't add groups to users, you add users to
groups. So if you want to add some people to the AD group "Domain
Users" then you need to make the change on the system where "Domain
Users" is stored, i.e. the Active Directory server.
You might be able to get around it if you tell Samba/winbind to map an
AD group to a local group, but I'm not sure how this works with
membership (whether the local users and the AD users all appear as part
of the local group.)
Cheers,
Adam.
More information about the samba
mailing list