Rowland Penny
2022-Aug-17 12:31 UTC
[Samba] unix_primary_group not used when writing files
On Wed, 2022-08-17 at 12:31 +0100, Matthew Richardson via samba wrote:> I have a samba server (v4.13.17 - Ubuntu 20.04) set up joined to an > AD > domain, with the following idmap config: > > [global] > workgroup = MYDOM > realm = MYDOM.EXAMPLE.COM > security = ads > idmap config * : backend = tdb > idmap config * : range = 3000 - 9999 > idmap config MYDOM : backend = ad > idmap config MYDOM : schema_mode = rfc2307 > idmap config MYDOM : range = 10000 - 9999999 > idmap config MYDOM : unix_primary_group = yes > idmap config MYDOM : unix_nss_info = yes > winbind use default domain = yes > > All users in the domain have the unix attributes set (gidNumber, > loginShell etc). There is also a group with the same gid as the > user's > gidNumber, and that user is a member of that group. > > This shows up fine using the nss commands, e.g.: > > $ getent passwd alice > > alice:*:12345:12345:Alice Smith:/home/alice:/bin/bash > > $ getent group alice > > alice:x:12345: > > $ groups alice > > alice : alice domain usersHow have you managed to have a user called 'alice' and a group called 'alice' ? Rowland
Matthew Richardson
2022-Aug-17 12:36 UTC
[Samba] unix_primary_group not used when writing files
Apologies - I anonymised the real user values and put 'alice' in as the group by mistake - it should say 'g_alice'. Thanks, Matthew On 17/08/2022 13:31, Rowland Penny via samba wrote:> On Wed, 2022-08-17 at 12:31 +0100, Matthew Richardson via samba wrote: >> I have a samba server (v4.13.17 - Ubuntu 20.04) set up joined to an >> AD >> domain, with the following idmap config: >> >> [global] >> workgroup = MYDOM >> realm = MYDOM.EXAMPLE.COM >> security = ads >> idmap config * : backend = tdb >> idmap config * : range = 3000 - 9999 >> idmap config MYDOM : backend = ad >> idmap config MYDOM : schema_mode = rfc2307 >> idmap config MYDOM : range = 10000 - 9999999 >> idmap config MYDOM : unix_primary_group = yes >> idmap config MYDOM : unix_nss_info = yes >> winbind use default domain = yes >> >> All users in the domain have the unix attributes set (gidNumber, >> loginShell etc). There is also a group with the same gid as the >> user's >> gidNumber, and that user is a member of that group. >> >> This shows up fine using the nss commands, e.g.: >> >> $ getent passwd alice >> >> alice:*:12345:12345:Alice Smith:/home/alice:/bin/bash >> >> $ getent group alice >> >> alice:x:12345: >> >> $ groups alice >> >> alice : alice domain users > > How have you managed to have a user called 'alice' and a group called > 'alice' ? > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaThe University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. Is e buidheann carthannais a th? ann an Oilthigh Dh?n ?ideann, cl?raichte an Alba, ?ireamh cl?raidh SC005336.