[Samba] Why do un-groupmap'ed Unix groups show up in Windows?
Gerald (Jerry) Carter
jerry at samba.org
Mon Mar 13 04:32:00 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael Lueck wrote:
> Typical Linux Distros add all sorts of Unix groups to users when it
> creates them, like cdrom, floppy, dialout, audio, etc...
>
> Logging in to the domain from Windows with an account that has such
> membership over on Linux... "ifmember.exe /list" shows all of those
> memberships. Why exactly? I would expect only the groups I did a "net
> groupmap" on would be considered by Samba. Makes me wonder the real
> results of...
>
> net groupmap add ntgroup=ntadmins unixgroup=ntadmins type=d
>
> since groups I did not map show up on Windows.
The unmapped groups are still part of the user's token. So they
have to be reported somehow. Same thing if you look at the ACL
on a file that has a unmapped group. You expect to see the Unix
group name,
cheers, jerry
=====================================================================
I live in a Reply-to-All world. -----------------------
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEFPXAIR7qMdg1EfYRAlFtAKCZa64i7Uz3X8hwX/C9HFCZyDXszgCdG+9C
8qqrEQJJNjxrNimtzFfeFNI=
=J2vl
-----END PGP SIGNATURE-----
More information about the samba
mailing list