[Samba] domain users in local groups with Winbind/Samba/Redhat
Buchan Milne
bgmilne at cae.co.za
Fri Feb 14 18:27:04 GMT 2003
mrutzki at gmx.de wrote:
> Am 14 Feb 2003 um 15:52 hat Buchan Milne geschrieben:
>
>>
>>valid users = @localgroup @'Domain1+group1'
>>
>
> My experiences with Samba in domains are not very big. So, what does 'Domain1+group1'
> mean?
>
> Domain1 = any Domain in my Network or the Domain which Samba has joined?
> group1 = any group that exists in Domain1?
Remember that there is not really a distinction between domain groups
and local grops on unix. With winbind (assuming you had used + as the
domain seperator), winbind will return groups to the system as
<DOMAIN>+<username> for any domain trusted by the domain winbind is a
member of. The use of the quotes protects the string from being mangled
by samba (especially where there are spaces in the group name).
>
> But thank you for your answer.It seems that this kind problem is poorly documented...
>
I have not run winbind in a mutli-domain setup before, but this is
supposed to work.
You should try some experiments with
$ getent passwd
$ getent group
$ wbinfo -g
$ wbinfo -u
to see more. Note that getent is a generic command on unix, and will
show any entries that are accessible (from local files, NIS, ldap,
winbind etc). wbinfo is specific to winbind.
Buchan
--
|--------------Another happy Mandrake Club member--------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
More information about the samba
mailing list