Mapping NT groups to Unix groups

Wolf Bergenheim wolf.bergenheim at
Wed Sep 27 20:04:07 GMT 2000

On Wed, 27 Sep 2000, Rod Sanborn wrote:

>    I am trying to map NT groups to Unix groups via the username map file so that I can grant access to Samba shares simply by adding users to an group on the NT side.  On the Unix side, the group has permissions to the directory, but the user has not been added to the actual Unix group.
>    I am having trouble getting this to work and the documentation seems to be giving me conflicting information.  I first looked in the O'Reilly book "Using Samba" that came with the distribution.  In section "username map" it says:  "You can also map NT groups to one or more specific Unix groups using the @ sign."  In the HTML documentation, it says something completely different.  In the section on "username map" it says:  The list of usernames on the right may contain names of the form @group in which case they will match any UNIX username in that group".  Further down it continues:  "Or to map anyone in the UNIX group "system" to the UNIX name "sys" you would use:
>        sys = @system
>    Has anybody else gotten this to work or is there somebody savy enough with the internals to know which documentation is correct?  I would really appreciate any help.
>    I am using an SGI (Irix 6.5.5) with Samba 2.0.7.  My NT clients are on an NT domain, so I am using domain security.

We have samba a Linux (Debian) with samba 2.0.7. Our simply
looks like:

group = NTGROUP

We also have security = DOMAIN, so I think this will work for you.

Wolf Bergenheim

Systems Specialist		Adcore
wolf.bergenheim at

More information about the samba-ntdom mailing list