[Samba] Confused about groups and access
David Shapiro
David.Shapiro at bcbsnc.com
Fri Feb 24 14:59:22 GMT 2006
Unfortunately, aix does not have getent command.
You have 'winbind nested groups = yes' (I know this is
obvious). YES
* Does 'id username' show the correct listing of groups?
only after I log into the box as the user and then do an su to that
user as an extra step do I see all the groups. before that, all I see
is domain users.
* Does `getent group ntcdw` return the group info?
* Does `getent group $gid_ntcdw` return the group info?
($gid_ntcdw is the numeric gid of ntcdw).
David Shapiro
Unix Team Lead
919-765-2011
>>> "Gerald (Jerry) Carter" <jerry at samba.org> 2/24/2006 9:47 AM >>>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Shapiro wrote:
> My nt admin made a group for my samba server called
> Share_Dfsroot_pvcs-cdw_C and added me as a member. I made a nested
> group on my side with
>
> net rpc group add ntcdw -L -Uxxxxx
>
> I then added the Share_Dfsroot... with
>
> net rpc group addmem ntcdw "DOMAIN+Share_Dfsroot..." -Uxxxxx
>
> net rpc group members ntcdw -Uxxxx shows:
>
> DOMAIN\Share_Dfsroot... so all looks good.
>
> I then created on unix side a group called ntcdw and
> then tried to associate ntcdw (ntgroup) with ntcdw
> (unix group) with:
>
> net groupmap modify ntgroup=ntcdw unixgroup=ntcdw
>
> I then set my share directory to be owned by the
> unix group ntcdw and set permissions to 770 on
> the directory.
>
> When I try to cd into the directory with my workstation
> login, it says Permission Denied.
David,
Couple of things to check:
* You have 'winbind nested groups = yes' (I know this is
obvious).
* Does 'id username' show the correct listing of groups?
* Does `getent group ntcdw` return the group info?
* Does `getent group $gid_ntcdw` return the group info?
($gid_ntcdw is the numeric gid of ntcdw).
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFD/xx8IR7qMdg1EfYRAvB+AKCeDLX/izARPlVHgbAXU7XT9/5bFACeMVw4
uAhx5X4VHclq2gTz0mI8AjQ=
=hvBN
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list