[Samba] Re: ntml_auth --require-membership-of
Andrew Bartlett
abartlet at samba.org
Thu Jan 19 18:35:53 GMT 2006
On Wed, 2006-01-18 at 10:21 -0600, Rex Dieter wrote:
> Rex Dieter wrote:
> > Rex Dieter wrote:
> >
> >> I'm having trouble getting ntml_auth to recognize ActiveDirectory
> >> groups that aren't in AD\Users. In particular, we've a few groups in
> >> our department OU that I'd like to be able to use. If I specify any
> >> of our OU-specific groups, using something like:
> >> # ntlm_auth --username=foo --require-membership-of="AD\OUGroup1"
> >> password:
> >> I get:
> >> Winbindd lookupname failed to resolve AD\OUGroup1 into a SID!
> >
> >
> > Turns out using
> > wbinfo --name-to-sid=OUGroup1
>
> So my question is: why can wbinfo resolve the name to a SID, but
> ntlm_auth can't?
Sometimes this is a problem of timing, as ntlm_auth does this when squid
is starting.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060120/6dd94a4a/attachment.bin
More information about the samba
mailing list