yodl is _cool_
Sean Mathews
mathewss at nutech.com
Wed Nov 25 06:28:29 GMT 1998
Ya it seems the latest cvs cant support domain login
anymore i posted today a few things i found odd in the
code for someone to hopefull dig into. But the good news
is that after revewing the new docs i was able to understand
it enough to come up with the following and actualy add
accounts to "Domain Admins" and other groups very easy.
i simply added a few groups to my unix group file as follows.
Domain Admins:*:2000:mathewss,raven
Domain Users:*:2001:mathewss,raven
now if i look at user mathewss under usermanager i see
that user in the group domain admins etc etc.
thats COOL :c) and easy to maintain.
I also played with the domain group map entry
with no realy effect. It seemed that maping say wheel
to say Domain Admins didnt have any effect. Seems
logical to me at least as the user mathewss has
su capability and is part of the wheel group to
alias that group to say "Domain Admins" yet
wheel "Domain Admins"
or
wheel Domain Admins
inside of the domain group map file seems to have no effect.
The username map does seem to work fine i can basicly
alias a user on NT to a user on the unix box.
on a side note under User Properties under user manager
i noticed that the check box for Password never expires is
not checked for the users. Yet under account it is properly set to
never not sure if thats normal since ive been off of using
Winnt pdc for a long time now.
Regards
Sean Mathews Nu Tech CTO
struct SoftwareProfessional {
double salary;
long lunches;
float jobs;
char unstable;
void work;
short tempers;
};
On Wed, 25 Nov 1998, David Bannon wrote:
> At 04:49 AM 25/11/1998 +1100, Luke Kenneth Casson Leighton wrote:
> >please could someone review docs/manpages/smb.conf.5 or
> >docs/htmldocs/smb.conf.5.html sections "domain group map" and "local group
> >map" see if you understand what the heck is going on, because i sure don't
> >:-)
> >
>
> Well, I have read both the man page (or that bit) and then re-read Luke's
> post of Nov 18. No, I cannot say it is clear at all.
>
> Lukes post says that smbpassgrp syntax is :
> username:uid:alias1,...:group1....
>
> But man page says its :
> UnixGroupName : DomainGroupName
>
> However, Lukes post also mentions that syntax in the paragraph above the
> definition of smbpassgrp. Hmm.....
>
> Can we get it a bit clearer ?
>
> For example, to map someone, who is a member of (unix) adm as
> (NT) Administrator would we do this ? :
>
> domain group map = /usr/local/samba/private/smbpassgrp
>
> and in smbpassgrp we have :
>
> adm Administrators
>
> I cannot try it at present as I cannot get the 2.0 beta1 to allow any sort
> of NTDomain logon. Works fine if I revert to 2.0 prealpha but that does not
> use the new syntax. Why am I seeing reference to 2.0 beta2 in cvs change
> log, I cvs'ed only an hour ago and just checked, cvs gets me 2.0 beta1 ! Do
> I need the -r BRANCH_WHAT_EVER to get 2.0 beta2 ??
>
> David
> ------------------------------------------------------------
> David Bannon D.Bannon at latrobe.edu.au
> School of Biochemistry Phone 61 03 9479 2197
> La Trobe University, Plenty Rd, Fax 61 03 9479 2467
> Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au
> ------------------------------------------------------------
> .... Humpty Dumpty was pushed !
>
>
>
>
More information about the samba-ntdom
mailing list