[Samba] Samba/LDAP - using Poledit for security templates.

Matthew Thompson matthew.thompson at startrackexpress.com.au
Mon Sep 25 00:18:42 GMT 2006

Hi samba gurus, 

I have a successful install of samba/LDAP (on FC5) and am looking at
applying security templates for different groups. 

I had this successfully working on my old RH9 box running samba (but not
using LDAP). Using poledit, I created groups (sales, it, etc) that were
the same as my linux groups, and created a Ntconfig.POL file.

Referring to this article for use on poledit.exe and applying a security
template to a samba domain: 


On the new setup, when I create new groups using the smbldap-tools, all
appears to be correct. My user can join that group and it shows up with
'id' and 'getent group'. 

My problem is with poledit.exe... when I create groups (for the purpose
of applying security settings to my different groups) it seems as if
they don't pickup the newly created groups within my LDAP directory.
When I make changes to the "default users" group, those settings do
apply, but any settings made to the newly created group does not. This
to me would rule out a permission issue on the *.POL file. 

There is as setting within poledit.exe where you can browse for groups
within the domain. I cannot view any non default groups (as in the ones
I created after smbldap-populate - it, sales, etc). I thought that this
may have had something to do with it, however, my old RH9 box cannot
view additional groups either, and it worked. 

I'm new to Linux and samba/LDAP - so I'm not exactly sure whether I'm
asking the right people. However, I thought I start with you guys and
progress further if need be.


Thanks for you time and thoughts on this.



Matthew Thompson


More information about the samba mailing list