yodl is _cool_

Sean Mathews mathewss at nutech.com
Wed Nov 25 06:28:29 GMT 1998 

 Ya it seems the latest cvs cant support domain login
anymore i posted today a few things i found odd in the
code for someone to hopefull dig into. But the good news
is that after revewing the new docs i was able to understand
it enough to come up with the following and actualy add
accounts to "Domain Admins" and other groups very easy.

i simply added a few groups to my unix group file as follows.

Domain Admins:*:2000:mathewss,raven
Domain Users:*:2001:mathewss,raven

 now if i look at user mathewss under usermanager i see
that user in the group domain admins etc etc.
thats COOL :c) and easy to maintain.


 I also played with the domain group map entry
with no realy effect. It seemed that maping say wheel
to say Domain Admins didnt have any effect. Seems
logical to me at least as the user mathewss has
su capability and is part of the wheel group to
alias that group to say "Domain Admins" yet

wheel "Domain Admins" 

or

wheel Domain Admins 

inside of the domain group map file seems to have no effect.

 The username map does seem to work fine i can basicly 
alias a user on NT to a user on the unix box.

 on a side note under User Properties under user manager
i noticed that the check box for Password never expires is
not checked for the users. Yet under account it is properly set to
never not sure if thats normal since ive been off of using
Winnt pdc for a long time now.


 Regards 
  Sean Mathews Nu Tech CTO

struct SoftwareProfessional { 
  double salary;
  long   lunches;
  float  jobs;
  char   unstable;
  void   work;
  short  tempers; 
};

On Wed, 25 Nov 1998, David Bannon wrote:

> At 04:49 AM 25/11/1998 +1100, Luke Kenneth Casson Leighton wrote:
> >please could someone review docs/manpages/smb.conf.5 or
> >docs/htmldocs/smb.conf.5.html sections "domain group map" and "local group
> >map" see if you understand what the heck is going on, because i sure don't
> >:-)
> >
> 
> Well, I have read both the man page (or that bit) and then re-read Luke's
> post of Nov 18. No, I cannot say it is clear at all.
> 
> Lukes post says that smbpassgrp syntax is :
> username:uid:alias1,...:group1....
> 
> But man page says its :
> UnixGroupName : DomainGroupName
> 
> However, Lukes post also mentions that syntax in the paragraph above the
> definition of smbpassgrp. Hmm.....
> 
> Can we get it a bit clearer ?
> 
> For example, to map someone, who is a member of (unix) adm as 
> (NT) Administrator would we do this ? :
> 
> domain group map = /usr/local/samba/private/smbpassgrp
> 
> and in smbpassgrp we have :
> 
> adm Administrators
> 
> I cannot try it at present as I cannot get the 2.0 beta1 to allow any sort
> of NTDomain logon. Works fine if I revert to 2.0 prealpha but that does not
> use the new syntax. Why am I seeing reference to 2.0 beta2 in cvs change
> log, I cvs'ed only an hour ago and just checked, cvs gets me 2.0 beta1 ! Do
> I need the -r BRANCH_WHAT_EVER to get 2.0 beta2 ??
> 
> David 
> ------------------------------------------------------------
> David Bannon                      D.Bannon at latrobe.edu.au
> School of Biochemistry            Phone 61 03 9479 2197
> La Trobe University, Plenty Rd,   Fax   61 03 9479 2467
> Bundoora, Vic, Australia, 3083    http://bioserve.latrobe.edu.au
> ------------------------------------------------------------
> .... Humpty Dumpty was pushed !
> 
> 
> 
>

More information about the samba-ntdom mailing list