Samba Fileserver at daily use?
Matthew Keller
kellermg at potsdam.edu
Sun Aug 8 23:18:40 GMT 1999
Doug VanLeuven wrote:
>
> Thanks. My specific circumstance is a legacy AIX system where users have
> been split into initial departmental groups with a umask of 002 and sgid on shared
> directories so departmental groups can freely read/write files. I can't change this.
> On the NT side, I have a legacy NT domain where logon scripts run under the
> permissions of "Domain Users" and need to be applied to everyone authenticated
> to the domain, but not guests & web users of MS IIS.
> I'm experimenting with LDAP to define NT groups that are not mapped to any
> unix group and it seems promising.
> But I had hoped someone had found a way around the 1024 byte
> limitation in group lines so we wouldn't have to maintain yet another server.
The standard way around this in UNIX is to break users into subgroups,
and shove them into the master group. I'll explain.
Let's say you add the users to 'Domain Users', but there are too many
(example below):
users:1:person1,person2.....person99999
You can always add GROUPS to other groups, so you could break it up as
follows:
users1:12:person1,person2....person200
users2:13:person201,person202....person400
users3:14:person401,.....person500
..
..
..
users:1:@users1, at users2, at users3......@users9999
Did that make sense? I'm pretty tired....
--
- Matthew Keller -
Lead Programmer/Analyst
Distributed Computing and Telemedia
State University of New York at Potsdam
Web: http://mattwork.potsdam.edu/
PGP: http://mattwork.potsdam.edu/crypto/
More information about the samba-ntdom
mailing list