[Samba] valid users = +group doesn't work
Leonid Zeitlin
lz at csltd.com.ua
Mon Apr 21 14:21:37 GMT 2008
Hi Jerry,
Please see below.
> The supplementary groups are determined by mapping the Windows group
> to a gid. I'm having to remember what we already convered so apoligies
> fotr asking again. Are you running winbindd? or just manually
> mapping groups to SIDs ? Seems to be the former.
Winbind is running, yes.
>> I see. But it appears to me (correct me if I'm wrong) that
>> if a local Unix group is mapped with "net sam mapunixgroup", then
>> it becomes a local nested group and Samba could use
>> it in "valid users" - but apparently it doesn't, which confuses me.
>
> No. The nested group functionality is only served by Winbind.
I guess my question now boils down to the following: when I access a share
as domain user DOMAIN\lz, is there a way to apply "valid users" check based
on the Unix group membership of the Unix user "lz". From what you are saying
I am getting the impression that the asnwer is no; is this really so?
Thanks,
Leonid
>
>
>
>
>
> cheers, jerry
> - --
> =====================================================================
> Samba ------- http://www.samba.org
> Likewise Software --------- http://www.likewisesoftware.com
> "What man is a man who does not make the world better?" --Balian
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFIDKAIIR7qMdg1EfYRAk+fAJ4zn2iWrkmyVMcfXv9O09rRGWAzPgCcDkA8
> E1O1kHw1lM1LDcE2xRcJfWY=
> =ch5e
> -----END PGP SIGNATURE-----
>
More information about the samba
mailing list