[Samba] Problem with Defaulting Groups and AD

Gerald (Jerry) Carter jerry at samba.org
Thu Sep 6 20:45:34 GMT 2007

Hash: SHA1


> Vital Stats - AMD 64-bit CPU, Ubuntu 7.0.4 (Feisty Fawn), 
> Samba 3.0.24,
> Win2003 AD Domain
> I'm not sure how to make it stop doing it.  When a user 
> "logs in" they get an automatically assigned group
> of "domain users" which doesn't actually exist in
> any of the file permissions.  I've tried setting group
> = %G and force group = %G but neither one is working.  

That says "force the group membership to the user's
primary group" which is pointless.  Not sure what you
are trying to do.  If you are runnign winbindd (assuming
so), then just add "domain users" the acl permissions?
Or some other domain group that you want.

> If anyone knows how to suppress this, I'd be greatly

Suppress what?

> appreciative.  As things stand, users can map the share
< but now everything is write only, despite specifically
> being stipulated at writeable.

You always get the most restrictive permission set
between smb.conf, share permissions, and file system permissions.

cheers, jerry
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list