--- David Boynton <[EMAIL PROTECTED]> wrote: > Well, I got this to work once by manually editing > the /etc/group file, like > adding the line: > > localgroup:x:<gid>: domain+user1,domain+user2,etc > > I don't know if this is a safe thing to do, however. > :)
I don't believe you can safely manually edit this file, as you would probably also have to edit /etc/gshadow to match. Unix/Linux has a tool called gpasswd that will do this for you: gpasswd -a <user> <group> It lets you add users to a group without them existing in /etc/passwd (they don't even have to exist at all). Combine this with "winbind use default domain = yes" in smb.conf and you're ready to go. For example, in the domain ABC for the user john, do this to add him to a 'local' Unix group called smbusers: gpasswd -a john smbusers With "winbind use default domain = yes" you don't need to prefix it with your domain. Slick, huh? (: Good luck, /dev/idal > On Friday 14 February 2003 03:37 am, Matthias Rutzki > wrote: > > Hi, > > > > I am running a Samba 2.2.7a on Redhat 7.3 in a NT > domain. For > > authentication I am using the domainusers.This is > done by Winbind 2.2.7a > > which verifies the existens of the users on the > PDC. So I dont't have to > > create local users (/etc/passwd) for users who > want to connect to the > > shares in the smb.conf. I authorise them by adding > valid users = > > domain+domainuser to the smb.conf. This works very > well. > > Now my problem: > > By writing valid users = @localgroup or > +localgroup > > I can authorise local groups (/etc/group) to > connect to the shares. > > Now I want to add the domainusers to some local > groups.Putting the > > domainusers in groups should save much time > because otherwise I have to add > > each domainuser for every share seperatly. > > E.g. valid users = domain1+domainuser > domain2+domainuser2.... > > I have tried it with: usermod -g localgroup > domain+domainuser > > which ends in this message: usermod: > domain+domainuser not found > > /etc/passwd I know this is message is right > because there is no domainuser > > in > > /etc/passwd. > But how can I assort the domainusers? > > Is there a way to use groups of domainusers who > are verified by winbind in > > the smb.conf? __________________________________________________ Do you Yahoo!? Yahoo! Shopping - Send Flowers for Valentine's Day http://shopping.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba