Hi All,
We wonder about the possibility to use the primary group of a user as
argument in the "valid users" option, in the share section of the
"smb.conf".
I explain :
In an AD schema, you're primary group could be, for example, 530 (Domain
Users), you're not "memberof" the "Domain users" group in the LDAP schema.
So winbind and/or NSS seems to have problems to retrieve the membership
of a user when he belongs to the primary group.
We use samba 3.5.6 joined to a samba 4 rc5 AD, and we would like to use
the primary group of the users as argument for the option "valid users".
But the level 10 log give us :
Nov 19 12:37:06 localhost smbd[23716]: [2012/11/19 12:37:06.964523, 2]
smbd/service.c:598(create_connection_server_info)
Nov 19 12:37:06 localhost smbd[23716]: user 'DOMAIN/User' (from session
setup) not permitted to access this share (TEST)
Nov 19 12:37:06 localhost smbd[23716]: User DOMAIN/User not in 'valid
users'
For info :
When we use wbinfo -r User, it return primary group AND other group
membership.
When we use "getent group", the primary group is shown but is empty.
Is it simply possible?
Cheers,
--
-----------------------
*** OB
*** Service Informatique
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
