On Tue, 2004-03-16 at 01:53, Beast wrote: > * Matthias Eichler <[EMAIL PROTECTED]> nulis: > > > on the member server: > > ---cut--- > > fileserver:~# net groupmap list > > System Operators (S-1-5-32-549) -> -1 > > Replicators (S-1-5-32-552) -> -1 > > Guests (S-1-5-32-546) -> -1 > > Power Users (S-1-5-32-547) -> -1 > > Domain Admins (S-1-5-21-243015202-3338874213-4097231961-512) -> -1 > > Print Operators (S-1-5-32-550) -> -1 > > Administrators (S-1-5-32-544) -> -1 > > Domain Guests (S-1-5-21-243015202-3338874213-4097231961-514) -> -1 > > Domain Users (S-1-5-21-243015202-3338874213-4097231961-513) -> -1 > > Account Operators (S-1-5-32-548) -> -1 > > Backup Operators (S-1-5-32-551) -> -1 > > Users (S-1-5-32-545) -> -1 > > ---cut--- > > > > > net groupmap modify sid=S-1-5-AND-SO-ON ntgroup="Domain Users" > > > unixgroup=valid_unix_group type=domain > > > if groupmap exists for ntgroup, you either must delete it and > > > then add it or modify it. > > > > OK, maybe this was what I was misunderstanding: > > I thought that with security=DOMAIN the groupmaps > > should be some kind of resolved between PDC and > > the members server or at least with groupmap = -1 > > I have to create them which didnt work. > > > > Groupmapping was stored on ldap (if using ldapsam), so for every samba machine you > wish to obtain the mapping should using same backend. --- seems to me the choice for member server is either to be a slave ldap (necessary for BDC but not for member server) or winbind.
Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba