[Samba] AD integration with multiple groups
grantliddle at gmail.com
Tue Feb 1 09:21:42 MST 2011
I forgot to mention that I also use along with the other:
write list = @ad\securitygroupname
On Tue, Feb 1, 2011 at 8:19 AM, grant little <grantliddle at gmail.com> wrote:
> Yes I do that using:
> valid users = @ad\securitygroupname
> works like a charm.
> also in my config, don't know if it relates:
> workgroup = AD
> realm = AD.MYDOMAIN.XXX
> On Tue, Feb 1, 2011 at 5:57 AM, julien mabillard <jma at mbuf.net> wrote:
>> I post here my question after having spent time on google and forums
>> and documentation to find a clue.
>> I use:
>> GNU/Linux RHEL5 x86_64
>> Samba Version 3.5.6
>> Active Directory 2003 on Windows 2003/2008
>> I want to allow an authenticated user (AD authenticated) to access
>> a share partition under samba only if one of his secondary groups
>> is a defined one.
>> ex: user joe
>> uid=4001(joe) gid=4010(domain users) groups=4010(domain users),
>> I want to be able to only allow group 'operations' to access the
>> share. I was trying to use : valid users = @operations
>> or : valid users = @MYDOM\operations
>> But I only get success with the gid 'domain users'.
>> Can someone tell me if this is possible to do?
>> Thank you very much.
>> refs : https://mbuf.net/
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba