[Samba] Samba + LDAP: Changing user's group
davefu
davefury at gmail.com
Fri Nov 20 00:30:44 MST 2009
Thanks for the reply.
Think I'll have a look at the smb.conf.
Im not really sure about the answer to your question. For each domain, I
have 2 "sambaGroupMapping" (domainUsersDOMAIN & domainAdminsDOMAIN both SSID
ending in 513 and 512), and all the posix groups I want, to keep certain
order between user groups, admin groups, etc. which will come in use when
setting ACLs on the shared resources.
Thanks again.
Gaiseric Vandal wrote:
>
> There are various TDB that cache info (maybe under /var/samba/locks)
>
> If you run "testparm -v" there may be some timeout or cache variables you
> could adjust.
>
> Does it matter if you have mapped the unix group to a Windows group? In
> my
> environment we set up group mappings for the key groups (like Domain
> Administrators) but we have a lot of unix groups that we don't explicitly
> map to Windows groups.
>
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
> On Behalf Of davefu
> Sent: Thursday, November 19, 2009 7:29 AM
> To: samba at lists.samba.org
> Subject: [Samba] Samba + LDAP: Changing user's group
>
>
> Hello fellas. I'm facing this problem today:
>
> My Samba PDC is using LDAP as a backend, and its working really good. The
> problem comes when I change the groups on one of the users. System shows
> the
> change correctly by using 'getent group' and if I log as that user the
> behavior correct when trying the new group permissions.
>
> Samba, however, doesn't seem to get those changes immediately (it syncs
> hours later, totally random amount of time). I've tried disabling NSCD but
> no luck. I've read somewhere that restarting Samba service forces Samba to
> refresh the users credentials, but thats not possible to do everytime a
> user
> needs a change in his groups. I'm wondering if there is some way to
> refresh
> Samba cached credentials.
>
> Has anyone experienced this before?
>
> P.D: Where is Samba caching the users information/credentials/password/etc
> anyway?
>
>
> --
> View this message in context:
> http://old.nabble.com/Samba-%2B-LDAP%3A-Changing-user%27s-group-tp26421317p2
> 6421317.html
> Sent from the Samba - General mailing list archive at Nabble.com.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
--
View this message in context: http://old.nabble.com/Samba-%2B-LDAP%3A-Changing-user%27s-group-tp26421317p26428171.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list