So the group is local, and yet you said that > > > | valid users = @group as well as > > > | valid users = @DOMAIN\group doesn't work, while | valid users = DOMAIN\pt, DOMAIN\rl, jr works.
The private group has the users rl,pt,jr: | private:x:504:rl,pt,jr Now I wonder: do all three users work? As I see it, pt and rl are domain users, while jr is a local user? I assume that samba looks for DOMAIN\pt when user pt logs in, who is not listed in the DOMAIN domain, nor in the "private" group. Try putting DOMAIN\pt as a member of "private". Or what does "getent passwd rl pt jr" give you? > If I use any other local group (without users imported via > winbind) they are not listed by "wbinfo -g" as well, but still they > behave like expected. What do you mean by "they behave like expected"? Other groups work with the "valid users" setting? wbinfo should list informations that are known to winbind. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba