Mr. G, Are you using the "net groupmap" facility to assign local UNIX groups to your Windows Domain Groups?
ie: net groupmap modify ntgroup="Domain Whatsis" unixgroup=aunixgroup - John T. On Friday 04 February 2005 13:06, Wong, G. MR EECS wrote: > I'm using samba version 3.0.10 on an Intel PC running Redhat Linux 3.0 > AS. I am using winbind with the idmap_rid module to authenticate users > to Windows AD. All the current Linux user account names are exactly the > same as the corresponding Windows AD SAM acct names. Everything works > beautifully EXCEPT for the GIDs generated from the from the AD Groups > that the Windows accounts belong to. (The UIDs are NOT a problem.) It > seems like they all belong to the same group of "Domain Users". > > This is what I DO NOT want! At a minimum I need to have users in one of > 2 Linux groups - as their primary group - a faculty or a student group > since our current utility programs use Linux group permissions to work > properly. A student account can easily be determined from the > SAMaccountName - if it starts with a lowercase "x". If not it is a > faculty account. > > I DO NOT control the info in the Windows AD system. > > Is there a way to force a user be put into a particular (LOCAL) Linux > group when logging into a Linux host running Samba winbind. This would > be there primary group while logged in. > I really have no use for the domain group. > > Is there a utility or would the code have to be hacked? If the latter > is true what C programs need to be modified? -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
