[Samba] sambaUserWorkstations (with LDAP) not working with Groups
of Computers ?
Frédéric Nass
Frederic.nass at univ-metz.fr
Thu Nov 8 07:20:33 GMT 2007
Hi,
I'm trying to use the sambaUserWorkstations option to allow users to log
on certain computers only. This option looks great... In fact it looks
now a lot better than the 'ldap filter' one than was deprecated with
samba 3.0.20...
The fact is, if the sambaUserWorkstations option works well with machine
names, it doesn't seem to work when specifying groups of machines. I'm
using LDAP as a backend + samba 3.0.24 (debian 4).
For example, I configured the "sambaUserWorkstations" attibute of my
user "test" with the followings arguments : "sambaUserWorkstations:
PC1,+salle1"
This should work for PC1,PC2 (as 'salle1' machine group has PC1$ and
PC2$ for members) but not for PC3, right ? But the user is actually only
allowed to log in PC1, but bounced on PC2. This seemed to be working
easy with files as samba backend.
Is this the right syntax for computer groups with ldap ? I tried using a
"@" instead of a "+" but it didn't help ?
I use LATEST Debian 4 (samba 3.0.24) UP-TO-DATED.
Please find all debug and configuration infos here :
http://www.fichiers.univ-metz.fr/depot/nass/sambaUserWorkstations-Groups-Problem.tar.gz
Thank you for any help you might provide us,
Frédéric Nass
IUT de Metz - Université de Metz.
FRANCE
nass_chez_univ-metz_point_fr
Tél : +33387547736
More information about the samba
mailing list