[Samba] Re: ntml_auth --require-membership-of

Rex Dieter rdieter at math.unl.edu
Wed Jan 18 15:39:00 GMT 2006

Rex Dieter wrote:
> I'm having trouble getting ntml_auth to recognize ActiveDirectory groups 
> that aren't in AD\Users.  In particular, we've a few groups in our 
> department OU that I'd like to be able to use.  If I specify any of our 
> OU-specific groups, using something like:
> # ntlm_auth --username=foo --require-membership-of="AD\OUGroup1"
> password:
> I get:
> Winbindd lookupname failed to resolve AD\OUGroup1 into a SID!

Turns out using
wbinfo --name-to-sid=OUGroup1

and using the resulting SID instead of name in
# ntlm_auth --username=foo --require-membership-of=S-1-...


-- Rex

More information about the samba mailing list