Hi, thx for the fast reply.
Am Dienstag, den 05.09.2006, 14:43 -0500 schrieb Gerald (Jerry) Carter: > The stance now is that the primaryGroupSID attribute > in the passdb ignored and the actual value is generated > on the fly based on the user's real Unix primary group. So do I get it right, that Samba set the primaryGroupSID to the "Domain Users" SID, if the users primary unix group is not mapped to nt group and even if the user is not member of it? And only if the users primary group is mapped, this one is assigned to his samba account as primaryGroupSID? So, if I have given the Domain Users richts not to all my users. And I got a user who is not member of a mapped group. His primary group rid is 513 and he is allowed to log on to a workstation. And I have given some special permissions to a folder for the Domain Users group. Then my user is able to gain the permissions the users of the Domain Users group have which he is not intended to have. I hope it's not really working that way... Mario
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
