Maping NT Groups to Unix Goup

Kai Blin k.blin at
Tue Oct 10 12:30:38 GMT 2000

Sitting at the campfire, Yariv Gringold told:
> I am trying to map NT groups to Unix groups via the username map file so
> that I can grant access to Samba shares simply by adding users to a group on
> the NT side.  On the Unix side, the group has permissions to the directory,
> but the user has not been added to the actual UNIX group.

Why not?
>     I am having trouble getting this to work and the documentation seems to
> be giving me conflicting information.  I first looked in the O'Reilly book
> "Using Samba" that came with the distribution.  In section "username
> map" it says:  "You can also map NT groups to one or more specific Unix
> groups using the @ sign."  In the HTML documentation, it says something
> completely different.  In the section on "username map" it says:  The list
> of usernames on the right may contain names of the form @group in which case
> they will match any UNIX username in that group".  Further down it
> continues:  "Or to map anyone in the UNIX group "system" to the UNIX name
> "sys" you would use:
> Our simply looks like:
> group = NTGROUP

It should be "@group = NTGROUP", IMHO.

I gather that there are _two_ files actually. a group map and a username map
file. you can use them both, I think.
> We have samba a Linux (Debian) with samba 2.0.7.
Nothing wrong with that, I'm using this, too.


