[Samba] domain users issue
Rowland Penny
rpenny at samba.org
Mon Feb 12 19:48:12 UTC 2018
On Mon, 12 Feb 2018 20:24:01 +0100
Trenta sis via samba <samba at lists.samba.org> wrote:
> Hi Rowland,
>
> Not really sure if that is correct, tried with native AD and domain
> users are showed also if they have domain users as primary group, IT
> seems a samba bug liek It was described here
> https://lists.samba.org/archive/samba/2017-October/211699.html
>
> Any suggestion about how to solve, other groups are working OK, but
> seems that with netapp cdot domain users are not usable, and this is a
> problem...
>
I ran the command on a win7 machine and it didn't show ANY users as
members of Domain Users, yet every user is definitely a member of Domain
Users.
If I run (on a DC): samba-tool group listmembers Domain\ Users
I get a list of all members, but 'listmembers' uses this filter:
(|(primaryGroupID=%s)(memberOf=%s))
Which means use either the contents of the 'primaryGroupID' attribute
OR any 'memberOf' attributes.
If a member of Domain Users (i.e. Every AD user) cannot read a file in
a share that has the group permissions for Domain Users, then the
problem is more than likely to be on the netapp.
Rowland
More information about the samba
mailing list