Thanks, I already knew that getent group wouldn't work (on the original
post ;)).
Thanks for the quick answer anyway. So, according to AD ACL's, it's
possible that a machine in a domain which needs to check group access
(i.e. a samba box) may not get accurate information about whether a user
is a member of a group? Or just that the ACL's may forbid the
enumeration of group members for particular groups?
Thanks
Diego
Volker Lendecke wrote:
On Mon, Jun 12, 2006 at 08:19:48AM -0600, Diego Rivera wrote:
members of an ADS group, with something other than the "id" command for
each user, or "getent group"? The "id" works but then I'd have to
getent group <groupname>
should give you what you want. But we do not give *any*
guarantees about the correctness of the result. There's a
number of reasons for not filling in the members correctly,
a number of them being out of our control (AD ACLs).
Volker
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
