[Samba] Samba4 list members of an AD group
steve
steve at steve-ss.com
Sun Mar 11 00:36:24 MST 2012
On 03/10/2012 11:11 PM, Matthieu Patou wrote:
> On 03/10/2012 08:09 AM, steve wrote:
>> On 03/10/2012 09:20 AM, Matthieu Patou wrote:
>>> On 03/09/2012 12:32 AM, steve wrote:
>>>> On 08/03/12 18:47, Matthieu Patou wrote:
>>>>>
>>>>>>
>>>>>> Thanks for the explanation. We've no windows server:-) but it
>>>>>> would be
>>>>>> interesting to see if one threw up different tabs.
>>>>>>
>>>>>> As for listing members in a group. Is it possible? Really it's me
>>>>>> being lazy. It would save me writing a script to dig out group ids
>>>>>> from the ldb.
>>>>>
>>>>> You can use MS tools on a Win XP/ Win7
>>>>> See this:
>>>>>
>>>>> https://wiki.samba.org/index.php/Samba4/HOWTO#Viewing_Samba_4_Active_Directory_object_from_Windows
>>>>>
>>>>>
>>>>>
>>>>> Matthieu.
>>>>>
>>>> Hi
>>>> Thanks, but the members tab does not show when I have the
>>>> objectclass: posixGroup set.
>>>> Any ideas?
>>>> Cheers,
>>>> Steve
>>> Ask Microsoft.
>>>
>>> Make the same on test windows server and try to see if you can see
>>> this attribute.
>>> If so make traces and try to figure out the differences of behavior
>>> between samba and windows.
>>>
>>> Matthieu.
>>>
>> Hi
>> I'd gladly approach ms but I don't have a 2008 server.
> You can try to download a test version of Windows 2008R2
>> Anyone? I think they'd tell me that I'd have to buy extra software to
>> be able to list members of a group.
> Check the doc, Microsoft published a list of document related to their
> protocols:
>
> http://msdn.microsoft.com/en-us/library/gg258393%28v=prot.13%29.aspx
>
>
>> All I did was create a group:
>> samba-tool group add mygroup
>> then ldbmodify or ldbedit sam.ldb on
>> cn=mygroup,cn=Users,dc=domain,dc=com, to add:
>> objectClass: posixGroup
>> gidNumber: 6000
>>
>> Everything is working fine, I just can't list group members.
>>
> Can you try a test version and see the behavior of
>> Meanwhile, _is_ there a samba-tool or wbinfo command that lists
>> members of a group?
> Don't know, didn't look like it has it.
>
> Matthieu.
>
Hi
I can find the posix stuff in the schema and there's a copy of it with
the s4 source but nothing specific about not being able to list members
of a group. This:
http://support.microsoft.com/kb/2379276
seems to suggest setting
primaryGroupID = gidNumber
which is fine in that it makes the mapping more readable but does not
solve the group listing problem of course.
Anyone else been here?
Cheers,
Steve
More information about the samba
mailing list