"valid users = domain_user" without specifying domain
simo
idra at samba.org
Thu May 3 13:08:35 GMT 2007
On Mon, 2007-04-30 at 13:11 +0200, Johann Hanne wrote:
> > I'm pretty sure this behavior is described in the release notes for
> > the 3.0.23 release series. It is by deisgn. DOMAION\group1 and
> > (local) group1 have different SIDs.
> Yes, I've read the release notes, but maybe I'm misunderstanding something. I
> thought that "valid users = +apache" is the same as "valid users =
> +MACHINE\apache" and that MACHINE is the literal string "MACHINE"?
no, MACHINE is the name of your machine (netbios name), and MACHINE
+apache refer to a mapped group you can create (mapped to the local
apache).
> > > Shouldn't this be a configuration that works? user1,
> > > user2 and user3 are actually winbind/nss mapped users, so why
> > > do I have to specify the domain name here?
> >
> > Just make MACHINE\Apache and add domain users to that.
> I really tried everything I could think of. And I've also added all possible
> combinations (even those which don't make sense to me), currently I have:
just map a local group to apache and it should just work.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org
More information about the samba-technical
mailing list