[Samba] valid users and groups with winbind

dj dj at sin.khk.be
Mon Oct 7 09:52:01 GMT 2002 

On Thu, 3 Oct 2002, Wieprecht, Karen M. wrote:

> Andrew,
>
> 	I was having the same problem with getting groups to work,  so I
> tried your solution,  but can't get it to work either.
>
> 1. I set up a read only share,  made sure I didn't have write access.
>
> 2. I added
>
> 	write list = WALNETNT_karen"
>
>    and verified that I now had write access.
>
> 3. I then changed the write list to give write access to the whole domain
> users group
>    (which karen is a member of),   but I no longer had
>    write permission ...  I tried all of the following,
>    but none seemed to work:
>
> 	write list = 'domain\domain users'
> 	write list = 'domain\Domain Users'  (case sensitivity check)
> 	write list = 'WALNETNT\Domain Users' (maybe you meant for me to use
> my domain name?)
> 	write list = 'WALNETNT_Domain Users' (My winbind separator is "_"
> ... Use this?)
> 	write list = 'domain_Domain Users'
> 	write list = ''domain_domain users'
>
> I didn't try taking the quotes off,  I didn't think UNIX would deal with the
> space in the domain group name very well.  I logged off and back on as
> various domain users while testing this to make sure the permissions weren't
> being cached on the client PC.  I'm obviously missing something here,
> perhaps you can shed some light?

I've also got a winbind setup running here with samba 2.2.5. Here is how I
add groups :

write list = @"WALNETNT_Domain Users"

The permissions are based on the unix groups, so use getent group to see
the unix version of your domain groups and use that in smb.conf

The quotes "" are for the space and the @ indicates that it is a group.

This works for me.

Kind regards,
Tim

-- 
===========================================================================
Tim Verhoeven
                                Linux & Open Source Specialist
GSM : 0496 / 693 453                          + e-business solutions
Email : dj at 4ict.com                           + consulting
URL : www.sin.khk.be/~dj/                     + Server consolidation
===========================================================================

More information about the samba mailing list