[Samba] Re: ldapsearch and getent passd/group with nss winbind
knuffiandy at web.de
Wed Aug 20 17:40:23 GMT 2008
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Andreas Ladanyi wrote:
>> Winbind honors the Windows group membership and not
>> necessarily "msSFU30PosixMemberOf" attributes.
>>> So it should be enough if you give the Windows group a GID in tab "UNIX
>>> attribute" in Active Directory and you have to do nothing else for the
>>> Linux side ?!
Ok ! Could it be true this behavior is different between
"security=domain" and "security=ads" ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
- second on unix site in AD in the tab "Members of"
so winbind 3.0.24 client recognise the group membership on unix side in
Now we changed to Samba 3.0.31 with security=ads mode and the behavior
is a bit different.
More information about the samba