Gerald (Jerry) Carter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Charles J Gruener wrote: >> I tried searching through the archives, but was unable to find anything >> about this. >> >> Everything regarding windbind and AD membership is working perfectly with >> one exception. Here's an example of what I'm experiencing: >> >> A group called "department_users" contains two groups >> "department_faculty" >> and "department_staff". These two groups, "department_faculty" and >> "department_staff" contain users. >> >> 'getent group department_faculty' returns: >> >> department_faculty:x:9315:user1,user2,user3 >> >> 'getent group department_staff' returns: >> >> department_staff:x:9316:user4,user5,user6 >> >> 'getent group department_users' returns: >> >> department_users:x:9317: > > Charles, This is a known issue at the moment. If we did > a limited amount of nested group expansion (one level for > example, would that be ok)?
For our deployment usecase, we'd need an absolute minimum of 3 levels of expansion, depending on the definition of level. For us we have: user1 is a member of group1 group1 is a member of group2 group2 is a member of group3 We need to check if user1 is a member of group3. -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
