[Samba] 2k / NT4 trust and local/global groups
spaceboy at spaceboy.co.uk
Tue Jan 18 17:10:07 GMT 2005
Got a 2k ADS server with a trust to NT4 PDC...
what I'm trying to achieve is to have users on the NT4 PDC assigned to
security groups in Win2k AD, with Samba joined to the AD and
authenticating users in AD.
I have the NT4 -> 2k trust working fine both directions.
Samba has been joined to the 2k AD realm.
Running wbinfo -g I can see 2k global groups and NT4 groups however I
cannot see 2k local domain groups.
The problem with this arrangement is that NT4 users can only be members
of a 2k local domain group, and not a global group.
so, 2k local groups contain the users I want to authenticate, but I can
only see 2k global groups (which can't contain NT users).
I've tried creating global groups containing local domain groups - no joy.
I'm running in mixed mode for the trust to work.
any help / suggestions appreciated.
More information about the samba