-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stefan Pfetzing wrote: > Hi, > > 2006/6/14, Gerald (Jerry) Carter <[EMAIL PROTECTED]>: >> Stefan Pfetzing wrote: >> > Currently its not clear to me whether its possible >> > to do nested groups with samba at all. AFAIK its >> > possible to have Samba resolve nested groups when >> > run as a domain member, but what about a PDC (and >> > a BDC)? >> >> The NT4 model for nested groups is supported on Samba >> DC's as well. You just have to run winbindd. > > I just tried to do so, but samba miserably fails when nss_ldap is not > used. smbd complains about some users, which are in the ldap database, > but cannot be looked up as posix user. > > Also, if I enable the lookup of the local domain, and run winbindd and > have nss_winbind enabled, getent passwd does not lookup the > user/group. > > So I don't get how I should use winbindd directly on the pdc.
Winbind on a PDC with only handle (a) expanding local nested groups (b) trusted users All domain groups and domain users are handled by the passdb. cheers, jerry ===================================================================== Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEmTyfIR7qMdg1EfYRAtgkAKCn+/PmiuiBZuU6t0FXGSJL7VqQVACeK2X1 1wSPLc4mqzGO6Md9Y7QP/l4= =m1Wt -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
