[Samba] Re: ldapsearch and getent passd/group with nss winbind
differs
Andreas Ladanyi
knuffiandy at web.de
Wed Aug 20 17:40:23 GMT 2008
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Andreas Ladanyi wrote:
>
>> Winbind honors the Windows group membership and not
>> necessarily "msSFU30PosixMemberOf" attributes.
>>
>>> So it should be enough if you give the Windows group a GID in tab "UNIX
>>> attribute" in Active Directory and you have to do nothing else for the
>>> Linux side ?!
>
>
> Yup.
Ok ! Could it be true this behavior is different between
"security=domain" and "security=ads" ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
- second on unix site in AD in the tab "Members of"
so winbind 3.0.24 client recognise the group membership on unix side in
"security=domain" mode.
Now we changed to Samba 3.0.31 with security=ads mode and the behavior
is a bit different.
??
More information about the samba
mailing list