Asunto: Re: [Samba] Question about Authentication
Gustavo Cremella Donedoni
cremella at adinet.com.uy
Tue Sep 9 18:04:00 GMT 2003
I think that user groups defined on the PDC are Domain "wide" Groups, while
groups defined on others Sambas acting as server are local. This include
local group of Windows machines.
I know how to manages Permisions on win NT/2k shares to setup permisions
based on Domain Users and Groups, but no on how to manage ACLs on Sambas
servers. May be you need win_bind to make the server see the PDC's users
and groups as their own.
It also helps a lot running a new kernel with ACLs and Extended Attributes
enabled over a filesystem capable of that.
Good luck, Gus
>-- Mensaje original --
>Date: Tue, 09 Sep 2003 16:50:34 +0200
>From: "SerpentMage (Christian Gross)" <mailing at devspace.com>
>To: Tom Dickson <bombcar at bombcar.com>, samba at lists.samba.org
>Subject: Re: [Samba] Question about Authentication
>Tom Dickson wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> I think thank the Power Users group is a LOCAL group, i.e., it only
>> exists on the machine that it is created on.
>> You probably want another group.
>Ok, lets call this group "Super Duper Users", and I apologize the name
>So how would one do that? Using the outline described below.
>> SerpentMage (Christian Gross) wrote:
>> | Ok, I apologize if this question has come up. I searched the mailing
>> | lists and did not find a conclusive answer. Unless of course I am
>> | missing some point.
>> | Here is what I am trying to do...
>> | I have a domain DEV-DOMAIN. In this domain there is the PDC X (Samba)
>> | and Server Y (Windows or Samba). A client that accesses the network
>> | uses client machine A (Windows), which is also part of the domain.
>> | Me logs onto the domain from client machine A and is recognized by
>> | PDC as User Me with Power User rights. On Server Y a share has been
>> | made free with Power User rights, but not explicitly defined the user.
>> | When User Me logs on they want to be able to get access to the
>> Server Y.
>> | Exactly how would that be set up? I understand how to setup individual
>> | users, create a domain and give user permissions on shares. My
>> | relates to how groups are handled across the domain. I do not seem
>> | see much documentation on this aspect (maybe I am missing something).
>> | Could somebody enlighten me on how groups are handled? Thanks
>> | Christian Gross
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.1 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>> -----END PGP SIGNATURE-----
>To unsubscribe from this list go to the following URL and read the
More information about the samba