[Samba] Question to Primary Groups
Andreas Hauffe
andreas.hauffe at tu-dresden.de
Mon Feb 16 02:27:24 MST 2015
Hi,
thanks for your answer.
Just last question. What do you mean with "secondary group"?
a) The user is member of the "Domain Users" beside the primary group.
b) The primary group itself is member of the "Domain Users" and the user that way a member
of "Domain Users".
--
Viele Grüße
Andreas Hauffe
Am Sonntag, 15. Februar 2015, 22:50:33 schrieb Harry Jede:
> On 18:06:54 wrote Andreas Hauffe:
> > Hi,
> >
> > if you use the UNIX attributes the primary group is ignored if you
> > use winbind and the primary group of the AD attributes is used. So
> > every user has the "Domain Users" group as primary group. I also
> > read that you are not supposed to change the AD primary group to
> > another than "Domain Users". Is there a way to set the UNIX primary
> > group to another group without causing trouble in Windows? Perhaps
> > create a group which is member of the "Domain Users" and make this
> > the primary AD group?
>
> Read this:
> https://technet.microsoft.com/en-us/library/cc776334%28v=ws.10%29.aspx
> and
> https://technet.microsoft.com/en-us/library/cc758426%28v=ws.10%29.aspx
>
> We use often other primary groups for several reasons. Important is:
> 1. Sync unix and windows primary group manually. Make admins life easier
> in mixed environments.
> 2. Each user should be member of "Domain Users". At least as secondary
> group.
More information about the samba
mailing list