[Samba] sambaUserWorkstations (with LDAP) not working with Groups
of Computers ?
Frederic.nass at univ-metz.fr
Thu Nov 8 07:20:33 GMT 2007
I'm trying to use the sambaUserWorkstations option to allow users to log
on certain computers only. This option looks great... In fact it looks
now a lot better than the 'ldap filter' one than was deprecated with
The fact is, if the sambaUserWorkstations option works well with machine
names, it doesn't seem to work when specifying groups of machines. I'm
using LDAP as a backend + samba 3.0.24 (debian 4).
For example, I configured the "sambaUserWorkstations" attibute of my
user "test" with the followings arguments : "sambaUserWorkstations:
This should work for PC1,PC2 (as 'salle1' machine group has PC1$ and
PC2$ for members) but not for PC3, right ? But the user is actually only
allowed to log in PC1, but bounced on PC2. This seemed to be working
easy with files as samba backend.
Is this the right syntax for computer groups with ldap ? I tried using a
"@" instead of a "+" but it didn't help ?
I use LATEST Debian 4 (samba 3.0.24) UP-TO-DATED.
Please find all debug and configuration infos here :
Thank you for any help you might provide us,
IUT de Metz - Université de Metz.
Tél : +33387547736
More information about the samba