Groups in ldap and /etc/group?

Mike Brady mike.brady at
Mon Sep 30 06:58:01 GMT 2002


Again it depends on how you want to manage things.

There is no requirment that a user and group of the same name exits.  I seem 
to remember reading somewhere that this is a ReHat thing.  Basically the 
users group can be what ever you want it to be to meet how you want to manage 
your security.

For my test setup I haven't moved the existing Unix groups to LDAP, but for a 
production environment I probably would.

If you change a users Unix group make sure that you change the users 
files/directory ownerships/permissions to match.


On Mon, 30 Sep 2002 08:55, Eddie Lania wrote:
> ----- Original Message -----
> Ok, but what about the user his/her group that normally is the same number
> as his/her uid?
> Would that then be permanently changed to a Domain Group?
> Or should the group also be moved from /etc/group to ldap?
> Is it wise to change a unix user his/her group to a different group?
> (At this moment I wouldn't know why this should not be possible, but maybe
> anyone else has a good reason?)
> Eddie.

More information about the samba-technical mailing list