[Samba] Does Samba/Winbind not follow nested groups in AD?!?
kincera at gmail.com
Tue Dec 5 20:50:16 GMT 2006
I just simulated your scenario and I have no problems.
1) User testing member of: group1
2) group1 member of group 2
3) group2 has rights to folderA
4) User testing can successfully open folderA.
5) Removing group2 rights from folderA results in access denied.
James A. Dinkel wrote:
> Here's the situation: We have users who are members of groups and those
> groups are sometimes members of a 2nd level of groups. If a folder has
> permissions assigned to a 2nd level group, then the user can not access
> the share. Doing a "getent group | grep user | grep 2nd_level_group"
> also returns nothing. Samba seems to not be recognizing that a user is
> a member of a group under another group.
> Is there any way to enable Samba, or Winbind, to follow down the group
> James Dinkel
More information about the samba