Local group auth not working for domain members with SECURITY=ADS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



	I have a Samba 3.5.10 (Cent 6) server succesfully joined to the
domain.  Domain logins and domain group control are working.  I have a share
configured with "valid users = +unixgroup" that my domain user cannot access
but my local unix user can.  The only group related error message is coming
from string_to_sid(), which I am confident is a red-herring.
	My goal in this experiment is to try and get NSS based group access
working, so that I can expand to non-AD group lists.  I have a rather
convoluted auth backend that I'm trying to glue Samba onto, and I don't control
the AD servers.  I have tried "net sam mapunixgroup unixgroup" but that did not
change the result.  I did not try adding users to the group via "net sam" as
that is not a workable solution for my end goal.
	 My question at this time is if this is behavior is expected. Will
Samba check the NSS groups for domain members?  Also, I see samba calls
getgrouplist() samba3/lib/from system_smbd.c.	Is this code executed for
domain member lookups?
	Thanks in advance.

-- 
Tom Noonan II
ESL Technician - Randstad
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


[Index of Archives]     [Info Cyrus]     [LARTC]     [Bugtraq]     [Netfilter]     [RAID]     [Trinity TED Users]     [Yosemite News]
  Powered by Linux