Win2K Server can't use Samba PDC groups?
Ben.Coakley at tcaction.org
Fri Dec 7 08:57:02 GMT 2001
I have a Samba 2.2.2 server running in Domain Controller mode, and a Win2K
SP2 server that's successfully joined the domain. The Win2K server is not a
domain controller, just a domain member. I'm able to log on to the domain
on the Win2K server as a domain admin and as a normal user. What I'd like
to do is create shares on the Win2K server that use groups from the Samba
Currently, this isn't working at all. I can create shares on the Samba
server with group permissions, and when I view the properties of those
shares on the Win2K server, I see the groups. But when I create shares on
the Win2K server, the Security tab only shows users, not groups. Running
USRMGR.EXE on the Win2K server lets me see all the groups (they show up as
"Local Unix Groups"), but not the membership.
I've tried this both with and without NT ACL support compiled in, with no
success. I've made sure that "nt acl support = yes" is in my smb.conf file.
The "domain group map" directive appears to be obsolete, but I tried that
There are some hints in the Samba documentation that this might not be
possible, which would be too bad. Can anyone confirm this? Can I work
around the problem with the smbcacls application?
Ben Coakley ben.coakley at tcaction.org
Director of Information Technology V:607-273-8816 x110
Tompkins Community Action F:607-273-3293
Learn more about Tompkins Community Action at http://www.tcaction.org/
More information about the samba-ntdom