[Samba] smbpasswd backend, group-per-user, and primary gid not
a domain group
Frank H
fjhenigman at cgl.uwaterloo.ca
Sat Aug 28 03:17:27 GMT 2004
> On Mon, 2004-07-19 at 17:09, Frank H wrote:
>
>>After changing from 2.x to 3.0 I get these messages:
>>
>>rpc_server/srv_util.c:get_domain_user_groups(376)
>>get_domain_user_groups: primary gid of user [fred] is not a Domain group !
>>get_domain_user_groups: You should fix it, NT doesn't like that
...
Craig White wrote:
> I would change to tdb but that's me.
...
To sum up my experience, in case it helps anyone... This is with 3.0.3.
Changing to the tdbsam password backend is utterly painless. (Thank you
samba developers.) Apart from the fact that the smbpasswd file password
backend is deprecated, tdbsam is better in that it allows you to set a
user's primary group with pdbedit. You can set your group to "domain admin"
and you'll be an administrator when you log into Windows - no messing with
"net groupmap" or unix groups required. When I do this however, samba still
logs the message shown above! I know my group setting is working because
otherwise I wouldn't be an administrator when I log in. So I think
producing the message in this case is a bug.
I had one other problem due to a mismatch between the pdbedit man page and
the behavior of the program. The man page says the -r flag is not needed
but I found I could not change my group without it.
Finally, for what it's worth, I've been running for over a month with
"NT doesn't like that" with w2k clients and I'm not aware of any problems.
More information about the samba
mailing list