Why is it that when I use "/usr/share/samba/scripts/smbldap-userad.pl -a Administrator -g dadm" that the group doesn't get changed to dadm? Instead it stays set to the value specified in $_defaultUserGid. Also, I must say that I find the default of *not* adding a group for the user very counter-intuitive. What exactly is the difference between gidNumber and primaryGroupID in a users record? Jim C.
Don't know if this got sent properly the first time so I am resending. Why is it that when I use "/usr/share/samba/scripts/smbldap-userad.pl -a Administrator -g dadm" that the group doesn't get changed to dadm? Instead it stays set to the value specified in $_defaultUserGid. Also, I must say that I find the default of *not* adding a group for the user very counter-intuitive. What exactly is the difference between gidNumber and primaryGroupID in a users record? Jim C.
Markus Schabel
2003-Feb-27 22:28 UTC
[Samba] Need help understanding smbldap-tools and user records
Jim wrote:> Why is it that when I use "/usr/share/samba/scripts/smbldap-userad.pl -a > Administrator -g dadm" that the group doesn't get changed to dadm? > Instead it stays set to the value specified in $_defaultUserGid. Also, > I must say that I find the default of *not* adding a group for the user > very counter-intuitive.Not sure, maybe they add the user Administrator as memberUid to the group dadm?> What exactly is the difference between gidNumber and primaryGroupID in a > users record?The gidNumber is the unix/linux-groupID, the primaryGroupID is the ID used by windows in a domain. regards -- \\\ ||| /// _\=/_ ( @ @ ) (o o) +--------oOOo-(_)-oOOo--------------------------oOOo-(_)-oOOo------+ | Markus Schabel TGM - Die Schule der Technik www.tgm.ac.at | | IT-Service A-1200 Wien, Wexstrasse 19-23 net.tgm.ac.at | | markus.schabel@tgm.ac.at Tel.: +43(1)33126/316 | | markus.schabel@members.fsf.org Fax.: +43(1)33126/154 | | FSF Associate Member #597, Linux User #259595 (counter.li.org) | | oOOo Yet Another Spam Trap: oOOo | | ( ) oOOo yast@tgm.ac.at ( ) oOOo | +--------\ (----( )--------------------------\ ( -----( )-----+ \_) ) / \_) ) / (_/ (_/ Computers are like airconditioners: They stop working properly if you open windows.
Jim
2003-Feb-27 22:43 UTC
[Samba] Re: Need help understanding smbldap-tools and user records
Are they the same then or are there SID issues?> The gidNumber is the unix/linux-groupID, the primaryGroupID is the ID > used by windows in a domain. > > regards
Jim
2003-Feb-28 00:28 UTC
[Samba] Re: Need help understanding smbldap-tools and user records
Another question. I'm not a Perl writer so I need to know if the -g and -G options for smbldap-useradd.pl assume the pre-existence of the group in question. I have to say that I am not very pleased with the fact that a group is not by default added for the user. Niether does there seem to be a way to do this easily. The end consequence is that you wind up with the default group meaning that unless you have permissions set to 700 that all other users get access. This is not something I would prefer from a security standpoint since one cannot really expect users to understand permissions. Jim C.