[Samba] Problem with Universal Groups
Trimble, Ronald D
Ronald.Trimble at unisys.com
Thu Mar 2 20:02:39 GMT 2006
Everyone,
With many thank to Jerry, my cross domain authentication is now
working. This leads to a new problem. I cannot get samba to
authenticate a remote domain user in a Universal group to authenticate
properly.
Here are the details:
USTR-LINUX-1:~ # wbinfo --name-to-sid=NA\\USTR-LINUX-1-REDHAT-READ
S-1-5-21-725345543-2052111302-527237240-349134 Domain Group (2)
USTR-LINUX-1:~ # wbinfo --name-to-sid=EU\\inblr-auth1
S-1-5-21-606747145-879983540-1177238915-173280 User (1)
USTR-LINUX-1:~ # wbinfo
--user-domgroups=S-1-5-21-606747145-879983540-1177238915-173280
S-1-5-21-606747145-879983540-1177238915-513
.
.
.
S-1-5-21-606747145-879983540-1177238915-79634
S-1-5-21-606747145-879983540-1177238915-79966
S-1-5-21-725345543-2052111302-527237240-349134 **Here is the group!!**
S-1-5-21-725345543-2052111302-527237240-177738
S-1-5-21-725345543-2052111302-527237240-349185
S-1-5-21-725345543-2052111302-527237240-307510
S-1-5-21-725345543-2052111302-527237240-177742
S-1-5-21-606747145-879983540-1177238915-90389
S-1-5-21-606747145-879983540-1177238915-72164
S-1-5-21-606747145-879983540-1177238915-91149
S-1-5-21-606747145-879983540-1177238915-70785
S-1-5-21-606747145-879983540-1177238915-91412
However, when I try to set up a test web page to
require group "NA\USTR-LINUX-1-REDHAT-READ"
And then attempt to access the page, I get the following error:
error] [client 192.63.xxx.xxx] GROUP: EU\\inblr-auth1 not in required
group(s).
Does anyone else have something like this working? What am I doing
wrong?
Thanks,
Ron
More information about the samba
mailing list