samba - Feb 2003 - Groups with Samba domain controler or domain member

Does anybody know more about groups? I am considering switching from NT 
to Samba domain and have made some test. Unfortunately I need to make 
two additional groups, except Domain Admin (one of them is Domain 
Users). Is it possible to make that with the stable version of Samba? 
And another, but not so important (for now) question. Currently I have a 
Samba server, providing files and printers as a part of NT domain. It 
has winbind running, and I can list all NT rous and users in the samba 
box. However, manipulating group ownership on files works only with 
groups that don't have spaces in their names. Does anybody know how to 
overcome this?

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com

--- bgforum2002@yahoo.co.uk wrote:
> Does anybody know more about groups? I am
> considering switching from NT 
> to Samba domain and have made some test.
> Unfortunately I need to make 
> two additional groups, except Domain Admin (one of
> them is Domain 
> Users). Is it possible to make that with the stable
> version of Samba? 
> And another, but not so important (for now)
> question. Currently I have a 
> Samba server, providing files and printers as a part
> of NT domain. It 
> has winbind running, and I can list all NT rous and
> users in the samba 
> box. However, manipulating group ownership on files
> works only with 
> groups that don't have spaces in their names. Does
> anybody know how to 
> overcome this?
chgrp 'Domain Admins' some_file.txt

Good luck,
/dev/idal

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

--- Jim Wharton <jwharton@acpafl.org> wrote:
> It appears to me that there are only two groups
> these days... Domain Admins
> and Domain Users. I did remember that countless
> groups could be added and
> mapped to Unix groups. Is this still possible
> without downgrading to <
> samba-2.2?
Sorry, I don't know.  I see all of my NT groups with
getent group in Samba 2.2.7a.

Anyone else know?
/dev/idal

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

Hi, 

I had two logon server on Samba 302alpha on a domain DOM to provide
failover environment.
With smbgroupedit I can map domain group but I must using 
"net setlocalsid MY-SID-DOMAIN" on the second server to map the same
domains groups with domain SID on the two server. 

On the other hands I can see  "net rpc getsid" command that fetch the
domain sid into the local secrets.tdb. 

If I set a localSID, different from domainSID i have:

smbgroupedit -s
pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.
 

Is there is a problem to have identical local sid on two differents
server ?
Does I use the good way to provide failover?

Thanks.

--- Chris de Vidal <cdevidal@yahoo.com> wrote:
> --- bgforum2002@yahoo.co.uk wrote:
> > >Are you using RedHat 8.0?  It's also broken on my
> > >RedHat 8.0 workstation; I think it's because
> there
> > are
> > >so many members of that group and some broken
> > library
> > >in 8.0 can't handle long group memberships.  It's
> > >working perfectly on all of my 7.3 servers.
> > >
> > >A _possible_ workaround is:
> > >getent group | grep 'Domain Users'
> > >(find out what the group id is.  On my system,
> it's
> > >10000).
> > >chgrp 10000 -R some_directory
> > >
> > >I can't test it, it's just a thought.  I'm
> waiting
> > >anxiously for RedHat 8.1, but I'm also
> considering
> > >moving my workstation to Debian.
> > >
> > Well it is Redhat 8.0. So may be it is specific
> > Redhat problem, but not 
> > so important for me by now; however it is good if
> > you know everithing 
> > works as it should work.
> 
> Update: The bug has been fixed in RedHat Rawhide
> (8.1
> beta).  I downloaded glibc-2.3.1-46 and it worked
> for
> me, but it might not work for you, or worse, crash
> hard.  Use at your own risk.
Update again:
glibc-2.3.1-46 _did_ break alot of things.  I
downgraded back to the one that came on the RedHat 8.0
CD.

You could downgrade to RedHat 7.3 (run up2date!) to
fix this problem, or work around it as I described.  I
hadn't tested that workaround, so your only option
could be going back to 7.3.

Good luck,
/dev/idal

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com