[Samba] winbind group membership

Eugene M. Zheganin emz at norma.perm.ru
Fri Jan 27 09:23:14 MST 2012


On 27.01.2012 14:48, Eugene M. Zheganin wrote:
> Hi.
> FreeBSD 8.2
> Samba 3.5.11 from ports
> I have an issue with group membership. id shows only a small part of the 
> groups a user is a member of. I'm aware of the UNIX max group issue, but 
> this isn't related to it - for example, for a user who is a member of 
> 6 groups, id shows only 3. Although wbinfo -r shows the correct number 
> of groups and wbinfo -G is able to successfully translate a UNIX group 
> to a domain SID.
I was able to localize the problem a bit more.

First of all, winbind doesn't recognize the Universal domain groups 
at all. Since I have only one domain, I simply changed all the universal 
groups I'm interested in to global ones (I still wonder who created all 
these groups as universal, and why).

But this solved only a part of the problem. I still don't see all of the 
domain groups in the 'id' output for the user.
I compared the 'wbinfo -g' output and the 'getent group' output. In the 
'getent group' output some groups are missing!
These are the same groups that are missing from 'id user'.

So... any ideas?
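
Added example, not part of the original message: a small script that does the `wbinfo -g` versus `getent group` comparison described above and prints the groups winbind enumerates but NSS does not return. It assumes both commands print group names in the same form (with or without the domain prefix) and compares names case-insensitively; the domain `EXAMPLE` and the group names in the sample data are constructed.

```shell
#!/bin/sh
# Added example: list domain groups that winbind enumerates (wbinfo -g)
# but that NSS does not return (getent group).

missing_from_nss() {
    # $1 = saved `wbinfo -g` output, $2 = saved `getent group` output
    awk '
        FILENAME == ARGV[1] {            # getent: name:passwd:gid:members
            split($0, f, ":")
            seen[tolower(f[1])] = 1      # assumption: compare case-insensitively
            next
        }
        $0 != "" && !(tolower($0) in seen)   # wbinfo: one group name per line
    ' "$2" "$1"
}

# Constructed sample data (domain EXAMPLE and group names are made up).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/wbinfo.txt" <<'EOF'
EXAMPLE\domain users
EXAMPLE\vpn users
EXAMPLE\finance
EXAMPLE\it staff
EOF
    cat > "$d/getent.txt" <<'EOF'
wheel:*:0:root
EXAMPLE\domain users:*:10000:
EXAMPLE\Finance:*:10002:
EOF
    missing_from_nss "$d/wbinfo.txt" "$d/getent.txt"
    rm -rf "$d"
}

# Live use on a host running winbind:
#   wbinfo -g > /tmp/wbinfo.txt; getent group > /tmp/getent.txt
#   missing_from_nss /tmp/wbinfo.txt /tmp/getent.txt
demo
```

Any group this prints is also invisible to `id` and to file or share permission checks that resolve groups through NSS, so the list is worth reviewing before relying on those groups for access control.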


