[Samba] Domain member server: user access
Rowland Penny
rpenny at samba.org
Tue Sep 26 13:15:00 UTC 2017
On Tue, 26 Sep 2017 14:54:58 +0200
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
> > This means that the Windows group is mapped to the Unix group
> > 'users' on a DC, up until you give Domain Users a gidNumber, then
> > the ID will change to the one you placed in the gidNumber attribute
> > in Domain Users.
>
> I can confirm that.
>
> Using ADUC i've noted that 'Domain Users' have no GID assigned, so
> seems that some samba ''internal'' logic assign GID 100 'by default'.
Yes, but only on a DC.
>
> After assigning GID 10513:
>
> root at vdcsv1:~# net cache flush
> root at vdcsv1:~# getent group "Domain Users"
> LNFFVG\domain users:x:10513:
> root at vdcsv1:~# wbinfo -G 10513
> S-1-5-21-160080369-3601385002-3131615632-513
>
As expected, but if you use the winbind 'ad' backend, you will get this
everywhere
Rowland
More information about the samba
mailing list