My configuration has Samba domain controllers, not Windows domain
controllers, so my setup may not be applicable to you.
However, in order for unix to use windows groups I believe it needs to
use "getent group" to pull the information from winbind. First of all,
you need to make sure that winbind itself is showing users and/or groups
from the Windows server
"wbinfo -u"
"wbinfo -g"
Then you need to make sure that /etc/nsswitch.conf has been updated for
winbind e.g
passwd: files ldap winbind
group: files ldap winbind
nsswitch.conf is used by things like getent and id.
If you are using pam_smb (I have not) the above information may not be
relative.
On 11/29/2010 01:27 AM, Peter Trifonov wrote:
Hi,
Does "getent group" show the "Windows" groups?
No, it does not.
However, the id command displays only the primary group for domain
users.
Furthermore, domain users are not able to access any files owned by
their
> non-primary domain groups.
For example, running
$ id petert
results in the following output:
uid=10000(petert) gid=10009(domain users) groups=10009(domain users)
With best regards,
P. Trifonov
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
