[Samba] users via winbind and using @group in smb.conf
Stefan Froehlich
samba at Froehlich.Priv.at
Thu Dec 28 15:42:51 GMT 2006
Hello,
I have two samba servers, A is configured as a PDC, B offers some
additional shares. B is getting usernames and passwords via winbind
from a, using the following configuration directives:
| idmap uid = 100-999
| idmap gid = 100-999
| winbind enum users = yes
| winbind enum groups = yes
| winbind use default domain = yes
This is basically working fine, local ssh login is ok, getent shows
all remote users and passwords.
Now B needs to define some additional, local groups containing the
names of remote users. In /etc/group the usernames have been added
(without the DOMAIN\ prefix, as "use default domain" is set). On the
command line, this is working as well ("groups" does show the local
group for the remote users).
But what das NOT work is to assign a samba share on B to this local
group. I tried
| valid users = @group
as well as
| valid users = @DOMAIN\group
but both ways all I get is NT_STATUS_ACCESS_DENIED.
How do I have to write this in order to get access for remote group
members in a locally defined group?
Ciao,
Stefan
--
http://kontaktinser.at/
Die Kontaktboerse fuer Oesterreich - kostenlos und unkommerziell
More information about the samba
mailing list