>> I'm having an issue with sudo not recognizing nested groups via AD and >> winbind. I have an AD group called UnixAdmins and when I ad and AD >> account *directly* into this group, I am able to use sudo just fine as >> it is in the sudoers. *but* say I have a nested group in UnixAdmins >> like CustomerUsers or whatnot it won't recognize. Now, I also restrict >> access via pam.d systems-auth to UnixAdmins, so I know that part it >> working. Also, when I run and "id" it shows the proper groups. It's >> just seems sudo won't recognize the nested groups :-( >> >> Anyone run into this issue before? It's gonna be an admin nightmare >> just to populate UnixAdmins with individual accounts ..
> This was fixed in the upcoming 3.2 release. See the "winbind expand groups" > option. is there anyway to patch 3.0.28a to allow for this? or any kind of workaround? Glenn E. Bailey III terremark worldwide -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
