[Samba] Domain member server: user access
L.P.H. van Belle
belle at bazuin.nl
Tue Sep 26 11:54:22 UTC 2017
Hai Rowland,
>
> No, you haven't done anything wrong and yes the provision
> does set Domain Users to '100' in idmap.ldb.
>
Ow..
This i did not know, only wondering why its not BUILTIN\users ( how it is in windows ).
Do you know as of which version this is? Of as of start, i really never noticed this.
>
> Do not remove Domain Users, but you are correct, there is no
> way to modify a user or group with samba-tool (you can do
> this for a user with 4.7.0), but you can use ldbedit.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
Ok, i did read somewhere that
Samba uses S-1-22-1 for users and S1-22-2 for groups.
wbinfo -G 100
S-1-5-21-3821322978-3959480180-962995944-513
wbinfo -G 10000
S-1-22-2-10000
S1-22-2-10000 Is the unix group with uid 10000
( with is also in my case "Domain Users" )
But how this maps again in samba, that i really dont know.
Arg, very confusion all..
Well, at least we now know this by design. Pfew..
Thanks for all the info guys.
Greetz,
Louis
More information about the samba
mailing list