[Samba] auto_private_groups analogue?
rpenny at samba.org
Fri Feb 28 08:00:35 UTC 2020
On 27/02/2020 23:28, Alexey A Nikitin via samba wrote:
> SSSD has auto_private_groups setting which effectively automatically creates a private user group when getting users from AD that either don't have gidNumber set for them or have gidNumber set to be the same as uidNumber.
It sounds like sssd is doing something similar to what idmap.ldb does on
a Samba DC, On a DC a group can be a group and a user. There is nothing
like this on a Unix domain member, the nearest you can get is by using
the winbind 'ad' backend on Samba >= 4.6.0 and adding 'idmap config
SAMDOM:unix_primary_group = yes' to the smb.conf . With this you can set
individual primary groups for each user, but they cannot have the same
name as the user.
Why you would want to do this, defeats me, yes I know that you are used
to user private groups, but Windows works very well without them.
More information about the samba