[Samba] Does Samba/Winbind not follow nested groups in AD?!?

Gerald (Jerry) Carter jerry at samba.org
Wed Dec 13 18:18:35 GMT 2006

Hash: SHA1

James A. Dinkel wrote:
> Here's the situation:  We have users who are members of groups and those
> groups are sometimes members of a 2nd level of groups.  If a folder has
> permissions assigned to a 2nd level group, then the user can not access
> the share.  Doing a "getent group | grep user | grep 2nd_level_group"
> also returns nothing.  Samba seems to not be recognizing that a user is
> a member of a group under another group.
> Is there any way to enable Samba, or Winbind, to follow down the group
> hierarchy?

We (centeris) have a patch that will be merged upstream shortly.
Either myself or Danilo (it's his code) need to break it out
and submit it for review on samba-technical.  Look for this in 3.0.24.

cheers, jerry
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list