Short answer, yes.
You should/do get all the groups listed with ifmember /list but get
different results
with the Solaris nsswitch.conf than padl's nsswitch.conf. I have it
working, through
changing only this one library. There may of course have been problems
with my
ldap_client_file that didn't show up at the OS level but scuppered what
samba was asking
for. Didn't see any error messages though.
Cheers.
Duncan Brannen wrote:
Hi,
When Samba is running as a PDC and a workstation is joined to the
Domain, should the user
logged into the workstation be able to see all the groups they are a
member of using `ifmember /list`?
Is the below output as expected? I'm I correct thinking that as all
my groups originate
in the Unix world, I don't need winbind to allow the Workstations to
see them?
For what it's worth, Solaris 10 (Sparc) Samba 3.2.1 and OpenLDAP,
everything bar
the Samba version should be irrelevant as it's hidden behind nsswitch
and passdb backend?
It's a clean OS / Ldap install with the smbldap tools used to populate
the directory and create
the user, then 'net rpc' used to create groups and add members.
Thanks,
Duncan
-----
On the PDC
/usr/local/samba/bin/net rpc group members room11 -Uroot%password
CROOMTEST\dunk
/usr/local/samba/bin/net groupmap list
Domain Admins (S-1-5-21-440367617-1876916578-3462541782-512) -> Domain
Admins
Domain Users (S-1-5-21-440367617-1876916578-3462541782-513) -> Domain
Users
Domain Guests (S-1-5-21-440367617-1876916578-3462541782-514) -> Domain
Guests
Domain Computers (S-1-5-21-440367617-1876916578-3462541782-515) ->
Domain Computers
Administrators (S-1-5-32-544) -> Administrators
Account Operators (S-1-5-32-548) -> Account Operators
Print Operators (S-1-5-32-550) -> Print Operators
Backup Operators (S-1-5-32-551) -> Backup Operators
Replicators (S-1-5-32-552) -> Replicators
room11 (S-1-5-21-440367617-1876916578-3462541782-3003) -> room11
room9 (S-1-5-21-440367617-1876916578-3462541782-3005) -> room9
getent group
...
room11::1001:dunk
getent passwd
...
dunk:x:1000:512:System User:/home/dunk:/bin/bash
-----
On the workstation
net group /domain room11
returns dunk as a member
net group /domain
returns a list of all the groups mapped on the pdc that start S-1-5-21-
ifmember /list
returns the primary group CROOMTEST\Domain Admins
\Everyone
BUILTIN\Administrators
BUILTIN\Users
\Local
NT Authority\INTERACTIVE
NT Authority\Authneticated Users
--
The University of St Andrews is a charity registered in Scotland : No SC013532
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba