Robert Rati wrote:
I think I understand. So, if I want a user (in LDAP) to be a part of your ntadmins group, I'd set his gidNumber to 1000, correct? Would I also need to add a memberUid field in the ntadmins group for this user? IE for user bob:
You could set the users gidNumber to 1000, but I think the user name still needs to appear in a memberUid of the group. For my setup all users have the gid of 100 for the unix group "users" Then I just add the memberUid to the ntadmins group and they are now members of the ntadmins.
dn: cn=ntadmins,ou=Groups,dc=firerun,dc=net cn: ntadmins objectClass: top objectClass: posixGroup gidNumber: 1000 memberUid: root memberUid: patrick memberUid: bob
Can an LDAP user have a gidNumber of 0 and be a root user on a Unix machine?
As mentioned in an eariler message yes you can provided you are using LDAP for authentication on the Unix machine.
Patrick
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
