I forgot to mention that I also use along with the other: write list = @ad\securitygroupname
On Tue, Feb 1, 2011 at 8:19 AM, grant little <grantlid...@gmail.com> wrote: > Yes I do that using: > valid users = @ad\securitygroupname > > works like a charm. > > also in my config, don't know if it relates: > workgroup = AD > realm = AD.MYDOMAIN.XXX > > On Tue, Feb 1, 2011 at 5:57 AM, julien mabillard <j...@mbuf.net> wrote: > >> Hello, >> I post here my question after having spent time on google and forums >> and documentation to find a clue. >> >> I use: >> GNU/Linux RHEL5 x86_64 >> Samba Version 3.5.6 >> Active Directory 2003 on Windows 2003/2008 >> >> I want to allow an authenticated user (AD authenticated) to access >> a share partition under samba only if one of his secondary groups >> is a defined one. >> >> ex: user joe >> uid=4001(joe) gid=4010(domain users) groups=4010(domain users), >> 4011(IT),4012(operations) >> >> I want to be able to only allow group 'operations' to access the >> share. I was trying to use : valid users = @operations >> or : valid users = @MYDOM\operations >> >> But I only get success with the gid 'domain users'. >> >> Can someone tell me if this is possible to do? >> >> Thank you very much. >> >> >> -- >> refs : https://mbuf.net/ >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba