> I could not find anything in the discussion groups or documentation > about using LDAP and Unix group mappings. > The documentation states that in order to map unix groups to samba > groups, you need to use the net group add command. However, I have an > ldap backend and all my groups, that I care about are in LDAP.
It makes no difference; groups from LDAP presented via NSS are "unix groups" > So I have a group called mainwdev. > dn: cn=test,ou=Group,dc=somewhere,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > sambaSID: S-1-5-21-582185903-2148186938-2210701745-801 > sambaGroupType: 2 > objectClass: top > cn: test > gidNumber: 801 > memberUid: user1 > memberUid: user2 > memberUid: user3 > memberUid: user4 > memberUid: user5 > memberUid: user6 > Now, if I run "net groupmap list", I can see the group mapping as > follows. > test (S-1-5-21-582185903-2148186938-2210701745-801) -> test > But when I attempt to log onto a share that only allows anyone that > belongs to the group test (say user1), i get permission denied errors. Are you running nscd? Did you restart/stop it and do your test? Always test with nscd disabled. Does "id user1" show him/her in group "test"? > Do I still have to run "net group map" command to establish a > relationship between unix and samba groups? Looks like you already did. -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
