Hi, thanks for your help - now it works :-))))))) But there is a new problem. We log on to the linux machine for email and ssh and so on. So the new problem is that a user is now AMATEC+testuser instead simple testuser (for the pam module). But I think we can make a hack to the pam_winbind.so file to add "AMATEC+" to the entered username (so a user has not to enter AMATEC+testuser but only testuser). Or is there a better way?
Kind regards -----Ursprüngliche Nachricht----- Von: Alex de Vaal [mailto:[EMAIL PROTECTED] Gesendet: Montag, 26. April 2004 10:40 An: [EMAIL PROTECTED] Betreff: [Samba] Windows 2003 Active Directory and Group Access Hello Franz, I had the same problem with Wk3 groups as valid users on my shares; remove "winbind use default domain = yes" or set it to "winbind use default domain = no" Because "winbind separator = +" your valid group will be "valid users = @AMATEC.LOCAL+"GG_Entwicklung" If you remove "winbind separator = +" your valid group will be "valid users = @AMATEC.LOCAL\"GG_Entwicklung" I prefer the last one, because my ADS users don't have to logon on the Linux server. My Samba server just acts as a Windows domain member server in ADS. -- Regards, Alex de Vaal. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
