Mapping NT groups to Unix groups

Frank Carreiro fcarreiro at loweryinc.com
Thu Oct 5 17:15:54 GMT 2000 

I've read the docs for "username map" trying to map our NT groups to UNIX groups.  Pulling my hair out on this one.

Came across the below and tried it (I'm running Linux RedHat 6.2 with samba 2.0.7).  I can see the share under Windows NT 4.0 explorer (workstation).  However when I try to open / connect I get the following error:

" \\servername\share is not accessible"
"The Network Name cannot be found"

Did I miss something?

thx

Frank



On Wed, 27 Sep 2000, Rod Sanborn wrote:

> 
>  >Hello,
>  >
>  >    I am trying to map NT groups to Unix groups via the username map file so that I can grant access to Samba shares simply by adding users to an group on the NT side.  On the Unix side, the group has permissions to the directory, but the user has not been added to the actual Unix group.
>  >
>  >    I am having trouble getting this to work and the documentation seems to be giving me conflicting information.  I first looked in the O'Reilly book "Using Samba" that came with the distribution.  In section 6.2.3.1 "username map" it says:  "You can also map NT groups to one or more specific Unix groups using the @ sign."  In the HTML documentation, it says something completely different.  In the section on "username map" it says:  The list of usernames on the right may contain names of the form @group in which case they will match any UNIX username in that group".  Further down it continues:  "Or to map anyone in the UNIX group "system" to the UNIX name "sys" you would use:
>  >
>  >        sys = @system
>  >
>  >    Has anybody else gotten this to work or is there somebody savy enough with the internals to know which documentation is correct?  I would really appreciate any help.
>  >
>  >    I am using an SGI (Irix 6.5.5) with Samba 2.0.7.  My NT clients are on an NT domain, so I am using domain security.
>  >


> We have samba a Linux (Debian) with samba 2.0.7. Our username.map simply
>looks like:

>group = NTGROUP

>We also have security = DOMAIN, so I think this will work for you.

>regards,
>Wolf Bergenheim

More information about the samba-ntdom mailing list