[Samba] Samba Groups questions

Duncan Brannen dbb at st-andrews.ac.uk
Mon Aug 25 14:17:31 GMT 2008 

Hi,
      When Samba is running as a PDC and a workstation is joined to the 
Domain, should the user
logged into the workstation be able to see all the groups they are a 
member of using `ifmember /list`?
Is the below output as expected?  I'm I correct thinking that as all my 
groups originate
in the Unix world, I don't need winbind to allow the Workstations to see 
them?

For what it's worth, Solaris 10 (Sparc) Samba 3.2.1 and OpenLDAP, 
everything bar
the Samba version should be irrelevant as it's hidden behind nsswitch 
and passdb backend?

It's a clean OS / Ldap install with the smbldap tools used to populate 
the directory and create
the user, then 'net rpc' used to create groups and add members.

Thanks,
             Duncan

-----
On the PDC
/usr/local/samba/bin/net rpc group members room11 -Uroot%password
CROOMTEST\dunk

/usr/local/samba/bin/net groupmap list
Domain Admins (S-1-5-21-440367617-1876916578-3462541782-512) -> Domain 
Admins
Domain Users (S-1-5-21-440367617-1876916578-3462541782-513) -> Domain Users
Domain Guests (S-1-5-21-440367617-1876916578-3462541782-514) -> Domain 
Guests
Domain Computers (S-1-5-21-440367617-1876916578-3462541782-515) -> 
Domain Computers
Administrators (S-1-5-32-544) -> Administrators
Account Operators (S-1-5-32-548) -> Account Operators
Print Operators (S-1-5-32-550) -> Print Operators
Backup Operators (S-1-5-32-551) -> Backup Operators
Replicators (S-1-5-32-552) -> Replicators
room11 (S-1-5-21-440367617-1876916578-3462541782-3003) -> room11
room9 (S-1-5-21-440367617-1876916578-3462541782-3005) -> room9

getent group
...
room11::1001:dunk

getent passwd
...
dunk:x:1000:512:System User:/home/dunk:/bin/bash

-----
On the workstation

net group /domain room11

returns dunk as a member

net group /domain

returns a list of all the groups mapped on the pdc that start S-1-5-21-

ifmember /list

returns the primary group CROOMTEST\Domain Admins
\Everyone
BUILTIN\Administrators
BUILTIN\Users
\Local
NT Authority\INTERACTIVE
NT Authority\Authneticated Users



-- 
The University of St Andrews is a charity registered in Scotland : No SC013532

More information about the samba mailing list