>valid users = domain\adsuser01, domain\adsuser02 > winbind use default domain = yes > > I have it set to no.
If I set it to no then while using ssh users will have to preeceed their ids with the domain name, which I dont want. My point is when in the smb.conf file the "security=ADS" and all the other required things have already been specified then SAMBA should not demand the domain name to be preceeded. it should leave the authentication to the underlying PAM libraries...... > > >(2.) specifying a linux group which has AD users as > >its members. > > > Also, why do you want to define your groups on the > linux server? Make samba lookup a group on the AD server and configure > all your share groups centrally. Have you tried using @ instead of > "+" in your share definition? > That's the problem the group I have in my linux box are linux application group and they are required by the application. I have given the application a local account and group instead of letting it go to AD and authenticate. Yes I have tried to use @ instead of +. Does not work. The samba documentation says that + and @ looks at the unix groups and expands them, and I have manually edited my unix group file to contain the list of AD users in their respective groups. Still it does not work. Although sudo does allow an AD user to work if I add it to the wheel group. > For basic share access, I have this in my smb.conf - > valid users = @ISHISYSTEMS\store-finance > -------------------------------------- > > getent group gives me this - ...[snipped...] I see your point. This defintely will work. But the problem, the groups are not on AD.... and I dont want to create them. Thanks for replying. Any further ideas...? Regards. Ajitabh Pandey __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ linux-india-help mailing list linux-india-help@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-india-help
