[Samba] valid users and groups with winbind

Wieprecht, Karen M. Karen.Wieprecht at jhuapl.edu
Thu Oct 3 12:46:01 GMT 2002 

Andrew,

	I was having the same problem with getting groups to work,  so I
tried your solution,  but can't get it to work either.  

1. I set up a read only share,  made sure I didn't have write access.

2. I added 

	write list = WALNETNT_karen"
 
   and verified that I now had write access.

3. I then changed the write list to give write access to the whole domain
users group 
   (which karen is a member of),   but I no longer had
   write permission ...  I tried all of the following,  
   but none seemed to work: 

	write list = 'domain\domain users'  
	write list = 'domain\Domain Users'  (case sensitivity check)
	write list = 'WALNETNT\Domain Users' (maybe you meant for me to use
my domain name?)
	write list = 'WALNETNT_Domain Users' (My winbind separator is "_"
... Use this?)
	write list = 'domain_Domain Users'  
	write list = ''domain_domain users' 
	
I didn't try taking the quotes off,  I didn't think UNIX would deal with the
space in the domain group name very well.  I logged off and back on as
various domain users while testing this to make sure the permissions weren't
being cached on the client PC.  I'm obviously missing something here,
perhaps you can shed some light?  

	Thanks,

		Karen Wieprecht

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Thursday, September 26, 2002 7:10 PM
To: Michael MacIsaac
Cc: samba at lists.samba.org
Subject: Re: [Samba] valid users and groups with winbind


Michael MacIsaac wrote:
> 
> Hi,
> 
> Just starting on this list.
> 
> I have samba (2.2.5a) on Linux/s390 and winbind authenticating and 
> providing shares. I add the global to smb.conf:
> 
>   valid users = '@Domain Users'

Winbind groups start with DOMAIN\, and as a quirk, don't need the @ prefix.

So valid users = 'domain\domain users' should do what you want.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list