[Samba] Groups and ldap
Chan Min Wai
dcmwai at gmail.com
Sun Jan 26 15:32:38 MST 2014
Hi Fredrik,
I think the problem you have are the geteng group
Do you have it in your group list when local group/users isn't present?
If you don't have that...
Samba will be clueless about the group...
On Sun, Jan 26, 2014 at 11:35 PM, Fredrik Gustafsson <iveqy at iveqy.com>wrote:
> On Thu, Jan 23, 2014 at 04:02:05PM +0100, Noël Köthe wrote:
> > Am Montag, den 20.01.2014, 09:25 +0100 schrieb Fredrik Gustafsson:
> >
> > > I've a working samba configuration with shares mapped to groups with
> > > "valid users = @smbusers". It all works fine with tdbsam as a backend.
> > > Now I've switched to ldapsam as a backend. I've a working openldap
> > > server that my windows machines authenticate to. Each user is also a
> > > linux-user but linux does not use ldap but /etc/passwd.
> > >
> > > However the groups in does not work and I can't access the shares with
> > > "valid users = @smbusers". I've also tried to have "valid users =
> > > @HOSTNAME/smbusers" without success.
> > >
> > > How is the correct way to specify a ldap group to authenticate to?
> >
> > Yes. "valid users = @groupname" ist the correct share option.
> > Are your groups listed in "getent group"?
>
> Thanks for validating that I was on the right track. I'd a couple of
> share that I wanted to share to @smbusers without success. However
> adding a new group in /etc/group with the same users but with a new GID
> and a new group name (sambausers) and then user @sambausers instead in
> smb.conf worked.
>
> Am I missing something obvious?
>
> --
> Med vänlig hälsning
> Fredrik Gustafsson
>
> tel: 0733-608274
> e-post: iveqy at iveqy.com
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list