hugo hugo at aardvarks-and-platypus.com
Thu Nov 24 09:08:59 GMT 2005

Craig White wrote:
> ----
> what the various scripts do is entirely under your control and they
> could actually modify the posix attributes/group memberships if desired.
> samba provides the scripts as hooks to the UNIX/Linux system and with
> the variables that are passed via the scripts, you should be able to do
> what you want.
> You probably should be using ldap passdb as once you get through the
> learning curve of ldap, you can get single source account management for
> both samba and posix attributes.
> Craig


Thanks for the reply Craig. How you describe the scripts is how I would
have thought that they worked. However, the "Add User to Group Script"
option definately does not work (for me) as in it is never called by

I don't know if it makes a difference but the groups that I am adding to
are marked as "LOCAL" groups as in:

net groupmap ntgroup="Samba Test Group" type=l unixgroup=testgrp

When I've tried domain groups (even though this simple server is a
standalone) when I try to add a member to one of those I get some horrible
error from samba whittering on about the user not being in the group. I
guess that is something to do with the fact the server is not really a
domain server (member or PDC).

At the moment I am not even going to bother with LDAP on the grounds if I
cannot get a trivial example test server working then there's no point.
All I'll have is a lovely LDAP'ified Samba server that still doesn't call
"Add User to Group" scripts to put people in the groups now stored in
LDAP. Defeatist I know.

Unless you're implying that the only way these scripts all work (as in get
called by samba) is if it is working against ldap passdb?

Many thanks


More information about the samba mailing list