[Samba] Winbind + Local Unix groups mixing

Jeandet alexis alexis.jeandet at lpp.polytechnique.fr
Tue May 29 00:54:49 MDT 2012

Hello samba team,

I was working for many days on setting up a Samba server using Active 
Directory users and local unix groups without any success.
This is a quite big domain (~150 users >300 machines), with many samba 
servers, I wouldn't have to add any more groups to the active directory 
just on each unix server.
I also need pam for ssh logins.

I try two different ways:

1 : With local (on the linux Server) accounts and Kerberos 
authentication + kerberos Pam module, it works but windows machines have 
to login as "Unix-SERVER\user" instead of "Win-Domain\user"
2 : With Winbind + pam_Winbind in this case windows machines in the 
domain are automatically logged in but if I want to add a "winbind user" 
to a local group it Samba doesn't use it. It seems that samba+winbind 
doesn't want to check local groups on domain user.

  Is there a way to do that?

Best regards,
Alexis Jeandet.

More information about the samba mailing list