Primary Group SID

Andrew Bartlett abartlet at
Sun Feb 8 21:52:35 GMT 2004

On Mon, 2004-02-09 at 00:41, Bostjan Golob wrote:
> Hi all,
> I have a user with primary group admin, which is mapped to Domain
> Admins. I also have domainusers mapped to Domain Users. If I enumerate
> the user's groups, I get back only the Domain Users group.
> Reading pdb_ldap.c, I have come across a comment:
> /* we don't need to store the primary group RID - so leaving it
>            'free' to hang off the unix primary group makes life easier
> */
> however, when initializing the SAM user from LDAP, the primary group
> gets set to Domain Users automatically if the user has no
> sambaPrimaryGroupSID attribute.
> If this is unwanted, I can try and produce a patch that will get the
> group mapping for the user's primary gid (if it exists) and set the
> primary group SID accordingly.

This is certainly how I intended it to work, but that code has changed a
number of times... :-)

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list