[Samba] Confused about groups and access

David Shapiro David.Shapiro at bcbsnc.com
Fri Feb 24 14:59:22 GMT 2006 

Unfortunately, aix does not have getent command.
 
You have 'winbind nested groups = yes' (I know this is
  obvious).    YES
 

* Does 'id username' show the correct listing of groups?
only after I log into the box as the user and then do an su to that
user as an extra step do I see all the groups.  before that, all I see
is domain users.

* Does `getent group ntcdw` return the group info?
* Does `getent group $gid_ntcdw` return the group info?
  ($gid_ntcdw is the numeric gid of ntcdw).
 
David Shapiro
Unix Team Lead
919-765-2011

>>> "Gerald (Jerry) Carter" <jerry at samba.org> 2/24/2006 9:47 AM >>>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Shapiro wrote:

> My nt admin made a group for my samba server called
> Share_Dfsroot_pvcs-cdw_C and added me as a member.  I made a nested
> group on my side with
>  
> net rpc group add ntcdw -L -Uxxxxx
>  
> I then added the Share_Dfsroot... with
>  
> net rpc group addmem ntcdw "DOMAIN+Share_Dfsroot..." -Uxxxxx
>  
> net rpc group members ntcdw -Uxxxx shows:
>  
> DOMAIN\Share_Dfsroot... so all looks good.
>  
> I then created on unix side a group called ntcdw and 
> then tried to associate ntcdw (ntgroup) with ntcdw
> (unix group) with:
>  
> net groupmap modify ntgroup=ntcdw unixgroup=ntcdw
>  
> I then set my share directory to be owned by the 
> unix group ntcdw and set permissions to 770 on
> the directory.
>  
> When I try to cd into the directory with my workstation 
> login, it says Permission Denied.

David,

Couple of things to check:

* You have 'winbind nested groups = yes' (I know this is
  obvious).
* Does 'id username' show the correct listing of groups?
* Does `getent group ntcdw` return the group info?
* Does `getent group $gid_ntcdw` return the group info?
  ($gid_ntcdw is the numeric gid of ntcdw).




cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD/xx8IR7qMdg1EfYRAvB+AKCeDLX/izARPlVHgbAXU7XT9/5bFACeMVw4
uAhx5X4VHclq2gTz0mI8AjQ=
=hvBN
-----END PGP SIGNATURE-----
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list