[Samba] Problem with Defaulting Groups and AD
Gerald (Jerry) Carter
jerry at samba.org
Thu Sep 6 20:45:34 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
> Vital Stats - AMD 64-bit CPU, Ubuntu 7.0.4 (Feisty Fawn),
> Samba 3.0.24,
> Win2003 AD Domain
> I'm not sure how to make it stop doing it. When a user
> "logs in" they get an automatically assigned group
> of "domain users" which doesn't actually exist in
> any of the file permissions. I've tried setting group
> = %G and force group = %G but neither one is working.
That says "force the group membership to the user's
primary group" which is pointless. Not sure what you
are trying to do. If you are runnign winbindd (assuming
so), then just add "domain users" the acl permissions?
Or some other domain group that you want.
> If anyone knows how to suppress this, I'd be greatly
> appreciative. As things stand, users can map the share
< but now everything is write only, despite specifically
> being stipulated at writeable.
You always get the most restrictive permission set
between smb.conf, share permissions, and file system permissions.
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba