[Samba] Re: Changing a user's primary GID

Gerald (Jerry) Carter jerry at samba.org
Fri Feb 4 20:16:35 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wong, G. MR EECS wrote:

| I'm using samba version 3.0.10 on an Intel PC
| running Redhat Linux 3.0 AS.  I am using winbind with
| the idmap_rid module to authenticate users to Windows AD.
| All the current Linux user account names are exactly the
| same as the corresponding Windows AD SAM acct names.
| Everything works beautifully EXCEPT for the GIDs generated
| from the from the AD Groups that the Windows accounts belong
| to.  (The UIDs are NOT a problem.)  It seems like they all
| belong to the same group of "Domain Users".

This is an optimization on our part for performance
reasons.  You're not the first one to complain about it.

| This is what I DO NOT want!  At a minimum I need to have
| users in one of 2 Linux groups - as their primary group -
| a faculty or a student group since our current utility
| programs use Linux group permissions to work
| properly.  A student account can easily be determined
| from the SAMaccountName - if it starts with a lowercase "x".
| If not it is a faculty account.
|
| I DO NOT control the info in the Windows AD system.
|
| Is there a way to force a user be put into a
| particular (LOCAL) Linux group when logging into a
| Linux host running Samba winbind.  This would
| be there primary group while logged in.
| I really have no use for the domain group.
|
| Is there a utility or would the code have to be
| hacked?  If the latter is true what C programs need
| to be modified?

Look at source/ nsswitch/winbindd_user.c and modify
the winbind_fill_pwent() IIRC.  You can change this
to do what you want.




cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCA9gjIR7qMdg1EfYRAiS7AKCOtkP3TJpmR2kLtS11tzpC/UMNWwCgoNmb
vuFPC6FuAjvY4kDjar5qrN0=
=AAoD
-----END PGP SIGNATURE-----


More information about the samba mailing list