[Samba] valid users option

[grant little]

 On Thu, Sep 2, 2010 at 2:08 AM, DUPEYRAT, PIERRE (PIERRE)** CTR ** <
> pierre.dupeyrat at alcatel-lucent.com> wrote:
>
> Hello,
>
> I am using samba server as members of windows AD domain , with "security =
> ADS", the logins unix and windows are aligned.
> Since the version 3.0.34 , I have strange behaviour  on shares where we use
> "valid users" with unix groups it does'nt work.
>
> Nok:
> Valid users = @group1
> Valid users = +group1
>
> Still work :
> Valid users = Domain\user
> Valid users = user
>
> The bad workaround found , is to use a file users.map and add the entry
> below:
> user = domaine\user
>
> could you help me ?
> Regards.
> _________________________________________
> Pierre DUPEYRAT
>

 ------------------------------

*De :* grant little [mailto:grantliddle at gmail.com]
*Envoyé :* jeudi 2 septembre 2010 19:38
*À :* DUPEYRAT, PIERRE (PIERRE)** CTR **
*Objet :* Re: [Samba] valid users option




>  That drove me crazy figuriung it out for my local system but I finally
> found it, YMMV
> this works for me
>   valid users = @ad\groupname
>   write list = @ad\groupname
> where 'ad' is the domain of my local active directory.
>
>
 On Fri, Sep 3, 2010 at 12:26 AM, DUPEYRAT, PIERRE (PIERRE)** CTR ** <
pierre.dupeyrat at alcatel-lucent.com> wrote:

Hello,



The problem is when i want to use unix groups  (locals or NIS).



Regards.


Allô Pierre,


maybe the problem lies in your nsswitch.conf
<quote src='nsswitch.conf man page'>The sources  for  the  "databases"  and
their lookup order are specified in the /etc/nsswitch.conf file.</quote>

I'm using ldap so I have this as part of that file:
passwd:         files ldap
group:          files ldap
shadow:         files ldap

which says it looks first in passwd (etc) files and then ldap

you never described your setup so you might be using something different
like
passwd:  files nis

or

passwd: files winbind

But then maybe I'm way off base.