I've gotten Samba+LDAP working on one network, and trust relationship established with a remote AD network. I've also got my samba groups as members of the AD groups (eg, Samba "users" is a member of AD "users", with the ACL stuff working as expected). Going the other direction seems somewhat non-obvious however. Somehow, I will need to include the winbind groups as members of the LDAP-based groups. Does this work? Any pointers? Thanks -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Felipe Augusto van de Wiel
2005-Oct-14 13:25 UTC
[Samba] remote groups as members of a samba ldap group
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Eric A. Hall escreveu:> I've gotten Samba+LDAP working on one network, and trust > relationship established with a remote AD network. I've > also got my samba groups as members of the AD groups (eg, > Samba "users" is a member of AD "users", with the ACL > stuff working as expected). Going the other direction seems > somewhat non-obvious however. Somehow, I will need to include > the winbind groups as members of the LDAP-based groups.> Does this work? Any pointers?I'm not sure, but sound like [1]InterDomain Trust should work for you. Maybe I misunderstood the problem, but I believe it could be a start point. =) [1]http://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetCommand.html#id2583245 Kind regards, - -- ////////// // Felipe Augusto van de Wiel <felipe@paranacidade.org.br> // CTI/Suporte - SEDU/PARANACIDADE // http://www.paranacidade.org.br/ ////////// -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFDT7HlCj65ZxU4gPQRAoYsAJ0dkFsIw0VsrtYelZb6sVoudmAAYACgswh4 0ON6myN285Zy3AO4KaqIf6s=XAWe -----END PGP SIGNATURE-----