[Samba] AD integration with multiple groups
julien mabillard
jma at mbuf.net
Tue Feb 1 06:57:11 MST 2011
Hello,
I post here my question after having spent time on google and forums
and documentation to find a clue.
I use:
GNU/Linux RHEL5 x86_64
Samba Version 3.5.6
Active Directory 2003 on Windows 2003/2008
I want to allow an authenticated user (AD authenticated) to access
a share partition under samba only if one of his secondary groups
is a defined one.
ex: user joe
uid=4001(joe) gid=4010(domain users) groups=4010(domain users),
4011(IT),4012(operations)
I want to be able to only allow group 'operations' to access the
share. I was trying to use : valid users = @operations
or : valid users = @MYDOM\operations
But I only get success with the gid 'domain users'.
Can someone tell me if this is possible to do?
Thank you very much.
--
refs : https://mbuf.net/
More information about the samba
mailing list