[Samba] Samba + LDAP: Changing user's group

davefu davefury at gmail.com
Fri Nov 20 00:30:44 MST 2009 

Thanks for the reply.
Think I'll have a look at the smb.conf.

Im not really sure about the answer to your question. For each domain, I
have 2 "sambaGroupMapping" (domainUsersDOMAIN & domainAdminsDOMAIN both SSID
ending in 513 and 512), and all the posix groups I want, to keep certain
order between user groups, admin groups, etc. which will come in use when
setting ACLs on the shared resources.

Thanks again.


Gaiseric Vandal wrote:
> 
> There are various TDB that cache info (maybe under /var/samba/locks)
> 
> If you run "testparm -v" there may be some timeout or cache variables you
> could adjust.
> 
> Does it matter if you have mapped the unix group to a Windows group?  In
> my
> environment we set up group mappings for the key groups (like Domain
> Administrators) but we have a lot of unix groups that we don't explicitly
> map to Windows groups.  
> 
> 
> -----Original Message-----
> From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
> On Behalf Of davefu
> Sent: Thursday, November 19, 2009 7:29 AM
> To: samba at lists.samba.org
> Subject: [Samba] Samba + LDAP: Changing user's group
> 
> 
> Hello fellas. I'm facing this problem today:
> 
> My Samba PDC is using LDAP as a backend, and its working really good. The
> problem comes when I change the groups on one of the users. System shows
> the
> change correctly by using 'getent group' and if I log as that user the
> behavior correct when trying the new group permissions.
> 
> Samba, however, doesn't seem to get those changes immediately (it syncs
> hours later, totally random amount of time). I've tried disabling NSCD but
> no luck. I've read somewhere that restarting Samba service forces Samba to
> refresh the users credentials, but thats not possible to do everytime a
> user
> needs a change in his groups. I'm wondering if there is some way to
> refresh
> Samba cached credentials.
> 
> Has anyone experienced this before?
> 
> P.D: Where is Samba caching the users information/credentials/password/etc
> anyway?
> 
> 
> -- 
> View this message in context:
> http://old.nabble.com/Samba-%2B-LDAP%3A-Changing-user%27s-group-tp26421317p2
> 6421317.html
> Sent from the Samba - General mailing list archive at Nabble.com.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 

-- 
View this message in context: http://old.nabble.com/Samba-%2B-LDAP%3A-Changing-user%27s-group-tp26421317p26428171.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list