[Samba] BUILTIN not mapping on DC
Michael Adam
obnox at samba.org
Tue Apr 29 14:25:44 MDT 2014
Hi Rowland,
On 2014-04-29 at 17:44 +0100, Rowland Penny wrote:
> On 29/04/14 13:03, Michael Adam wrote:
> >
> >Attached is a patch that fixes --gid-info and hence "getent
> >group" for builtins on the DC. Note that this will not produce
> >the same GIDs as on a member.
> >
> > ...
> >
> OK, it works with 4.1.7, for the first time I can 'getent group' and
> get domain groups:
>
> root:x:0:
> ...........
> DOMAIN\Enterprise Read-Only Domain Controllers:*:3000025:
> DOMAIN\Domain Admins:*:3000010:
> DOMAIN\Domain Users:*:10000:
> DOMAIN\Domain Guests:*:3000003:
> DOMAIN\Domain Computers:*:3000020:
> DOMAIN\Domain Controllers:*:3000026:
> DOMAIN\Schema Admins:*:3000007:
> DOMAIN\Enterprise Admins:*:3000011:
> DOMAIN\Group Policy Creator Owners:*:3000009:
> DOMAIN\Read-Only Domain Controllers:*:3000027:
> DOMAIN\DnsUpdateProxy:*:3000028:
>
> Thank you very much ;-)
That is curious. Should actually have worked for 4.0.0 already.
What did you change? Did you have winbind in nsswitch before?
BTW, note that currently the getent group enumeration
only prints domain groups not domain local groups (aliases)
or builtins, but at least for builtins, the form
"getent group BULTIN\\Administrators" works with the previous
patch, so we could add that to enumeration as well.
But frankly enumeration is not important. The individual
calls are what is required to work.
Cheers - Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140429/9e340e3a/attachment.pgp>
More information about the samba
mailing list