[Samba] Changing a user's primary GID
John H Terpstra
jht at samba.org
Fri Feb 4 20:16:22 GMT 2005
Mr. G,
Are you using the "net groupmap" facility to assign local UNIX groups to your
Windows Domain Groups?
ie: net groupmap modify ntgroup="Domain Whatsis" unixgroup=aunixgroup
- John T.
On Friday 04 February 2005 13:06, Wong, G. MR EECS wrote:
> I'm using samba version 3.0.10 on an Intel PC running Redhat Linux 3.0
> AS. I am using winbind with the idmap_rid module to authenticate users
> to Windows AD. All the current Linux user account names are exactly the
> same as the corresponding Windows AD SAM acct names. Everything works
> beautifully EXCEPT for the GIDs generated from the from the AD Groups
> that the Windows accounts belong to. (The UIDs are NOT a problem.) It
> seems like they all belong to the same group of "Domain Users".
>
> This is what I DO NOT want! At a minimum I need to have users in one of
> 2 Linux groups - as their primary group - a faculty or a student group
> since our current utility programs use Linux group permissions to work
> properly. A student account can easily be determined from the
> SAMaccountName - if it starts with a lowercase "x". If not it is a
> faculty account.
>
> I DO NOT control the info in the Windows AD system.
>
> Is there a way to force a user be put into a particular (LOCAL) Linux
> group when logging into a Linux host running Samba winbind. This would
> be there primary group while logged in.
> I really have no use for the domain group.
>
> Is there a utility or would the code have to be hacked? If the latter
> is true what C programs need to be modified?
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba
mailing list