[Samba] Can't use windows domain users in local group
POP, Iustin
Iustin.Pop at orange.ro
Wed Jun 11 13:17:24 GMT 2003
Hello,
I have the following problem:
- samba is a member of a w2k domain
(samba version 2.2.8a, compiled from tarball on RedHat9)
- winbind works ok, no problems
- domain users, when connecting through my samba,
don't get their local group membership info (only
domain groups are initialized).
- domain users, when connecting through any other
pam-enabled service, get their group membership info
ok (both domain groups and local groups).
This I traced to the fact that in source/nsswitch/wb_client.c,
function winbind_initgroups, it only uses winbind to get group
information, avoiding the use of initgroups for non-local users.
Are there any reasons to avoid initgroups for domain users? I'm
thinking of changing wb_client.c to always go with initgroups,
but maybe there are reasons to use winbind. The windows domain is
not that big that enumeration of groups would be too expensive
(<2000 users, <500 groups).
Or is it possible to get full group information through other changes?
Any hints on this issue would be appreciated.
Thanks,
Iustin Pop
More information about the samba
mailing list