Yes I do that using: valid users = @ad\securitygroupname works like a charm.
also in my config, don't know if it relates: workgroup = AD realm = AD.MYDOMAIN.XXX On Tue, Feb 1, 2011 at 5:57 AM, julien mabillard <[email protected]> wrote: > Hello, > I post here my question after having spent time on google and forums > and documentation to find a clue. > > I use: > GNU/Linux RHEL5 x86_64 > Samba Version 3.5.6 > Active Directory 2003 on Windows 2003/2008 > > I want to allow an authenticated user (AD authenticated) to access > a share partition under samba only if one of his secondary groups > is a defined one. > > ex: user joe > uid=4001(joe) gid=4010(domain users) groups=4010(domain users), > 4011(IT),4012(operations) > > I want to be able to only allow group 'operations' to access the > share. I was trying to use : valid users = @operations > or : valid users = @MYDOM\operations > > But I only get success with the gid 'domain users'. > > Can someone tell me if this is possible to do? > > Thank you very much. > > > -- > refs : https://mbuf.net/ > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
