[Samba] I can not use a domain group in the DC filesystem

Denis Cardon dcardon at tranquil.it
Thu Feb 8 10:04:52 UTC 2018

Hi Denis,

> I have just installed a samba 4.7.4 from source. All right!
> wbinfo -u  and wbinfo -g return the list of users and groups from the
> domain
> But I can not use they in the DC filesystem.
> For instance:
> # touch ttt
> # chgrp 'domain admins' ttt
> chgrp: invalid group: ‘domain admins’

First, you need to configure nsswitch to have samba users available to 
the linux subsystem (/etc/nsswitch.conf).

Second, winbind idmap on DC is not done the same way as on member 
server. Unless you are seeking pain and tears, I would advise you to 
separate the domain controller and the fileserver.



> That should I do to ?

Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0)

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr

More information about the samba mailing list