On 29/10/14 09:31, Stefan Kania wrote:> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> after I joined an new machine into my domain, "getent group" is
not
> showing any domaingroup.
This is a known feature, if you want 'getent group' to work like
'getent
passwd', you will need to give every group a gidNumber.
> The domainusers are listet with "getent
> passwd" as expected. In nsswitch.conf winbind is used with
"passwd"
> and "group". Wbinfo -g shows all groups. "net rpc
testjoin" gives the
> right result. I can get a Kerberos-Ticket with "kinit" for all
users.
> I can use Kerberos-autentication with "smbclient -L host -k"
> A "chgrp 'domain admins' file" gives "chgrp: invalid
group: ?domain
> admins?"
If I try to change the group ownership of a file on a client, I get this:
chgrp 'domain admins' testfile.txt
chgrp: changing group of ?testfile.txt?: Operation not permitted
But if I use sudo, it works
sudo chgrp 'domain admins' testfile.txt
ls -la testfile.txt
-rw-r--r-- 1 rowland domain_admins 0 Oct 29 09:47 testfile.txt
Can you post the result of:
getent group Domain\ Admins
Rowland
> But if I da a "chgrp 100512 file" groupownership ist set to
> "domain admins" AND shows the name of the group and NOT just the
ID.
> It's a Memberserver and not a DC.
>
> Any hint where I should look?
>
> Thanks
>
> Stefan
>
> - --
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
>
> iEYEARECAAYFAlRQtAoACgkQ2JOGcNAHDTaj9QCdG9CFMq4TBrTCxKqxK5joVRei
> HAwAoKbbSmm/qOaME90KS0tLFda4FxsU
> =7M//
> -----END PGP SIGNATURE-----