search for: testgroup

...ere the files and folders in the share root should at least be readable by anybody having access to the share. For the sake of simplicity the following permissions apply on the share: Inheritance disabled Owner: root (Unix User\root) Domain Admins: full control (this folder, subfolder and files) Testgroup: read & execute (this folder, subfolder and files) System: full control (this folder, subfolder and files) creator owner: (this folder, subfolder and files) I want however, to set ownership and access permissions for different groups to different sub folders. So with acl_xattr:ignore system a...

...share root > should at least be readable by anybody having access to the share. For > the sake of simplicity the following permissions apply on the share: > > Inheritance disabled > Owner: root (Unix User\root) > Domain Admins: full control (this folder, subfolder and files) > Testgroup: read & execute (this folder, subfolder and files) > System: full control (this folder, subfolder and files) > creator owner: (this folder, subfolder and files) > > I want however, to set ownership and access permissions for different > groups to different sub folders. So with ac...

...> - clean windows AD users. > id testuser > uid=3000338(BAZRTD\testuser) gid=10000(BAZRTD\domain users) groups=10000(BAZRTD\domain users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) > > net cache flush > > - Assigned a UID + Primary Group, shell. ( testing Primary group : testgroup ) > id testuser > uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) groups=10000(NTDOM\domain users),3000009(BUILTIN\users) > ? no primary group/GID as i did set. > > net cache flush > > - Going to Tab : Member of group. > Added group testgroup > Selected it, and c...

Hi, I have two samba domains. On one member of DOMAIN1 I set up a share "intranet" with valid users = +"DOMAIN1+webmaster" +"DOMAIN2+TestGroup" Winbindd is running. When I try to access the share from a DOMAIN2 workstation permission is denied. When I look at the logfile, I see that the server tries to find the group of DOMAIN2 (TestGroup) in ldap of the local DOMAIN1: [2007/09/10 10:24:08, 3] lib/util_sid.c:string_to_sid(223)...

...so i have the Unix tab. ;-) - clean windows AD users. id testuser uid=3000338(BAZRTD\testuser) gid=10000(BAZRTD\domain users) groups=10000(BAZRTD\domain users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) net cache flush - Assigned a UID + Primary Group, shell. ( testing Primary group : testgroup ) id testuser uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) groups=10000(NTDOM\domain users),3000009(BUILTIN\users) ? no primary group/GID as i did set. net cache flush - Going to Tab : Member of group. Added group testgroup Selected it, and clicked on "Set Primary Group"...

...00 sdg: assuming drive cache: write through sdg: sdg1 sd 27:0:0:0: Attached scsi disk sdg sd 27:0:0:0: Attached scsi generic sg6 type 0 usb-storage: device scan complete [root at kasse ~]# pvcreate /dev/sdg1 Physical volume "/dev/sdg1" successfully created [root at kasse ~]# vgcreate testgroup /dev/sdg1 Volume group "testgroup" successfully created [root at kasse ~]# lvcreate -L 200M testgroup -n testLV Logical volume "testLV" created At this point, I have /dev/testgroup/testLV, which I can stick a fs on, mount, store files on, unmount, remount and recover th...

Hi, I tried to configure the new idmap interface. Currently without much success. I have two samba domains, trusting each other. Each PDC using it's own LDAP server. I tried idmap domains = DOM1, DOM2 idmap config DOM1:default = yes idmap config DOM1:backend = ldap idmap config DOM1:ldap_base_dn = ou=Idmap,dc=dom1,dc=mydomain,dc=de idmap config

...; uid=3000338(BAZRTD\testuser) gid=10000(BAZRTD\domain users) > groups=10000(BAZRTD\domain > users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) > >> > >> net cache flush > >> > >> - Assigned a UID + Primary Group, shell. ( testing Primary group : > testgroup ) > >> id testuser > >> uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) > groups=10000(NTDOM\domain users),3000009(BUILTIN\users) > >> ? no primary group/GID as i did set. > >> > >> net cache flush > >> > >> - Going to Tab :...

On 20/08/2019 11:16, L.P.H. van Belle via samba wrote >> The problem with that is, 'id' gets its info from the same place that >> 'getent' does, so the OP will still get the wrong group ;-) >> >> Rowland > Maybe i did not understand the question then. > In: id username |awk -F"=" '{ print $2 }'|cut -d"(" -f1 > $2 = GID

...users. >> id testuser >> uid=3000338(BAZRTD\testuser) gid=10000(BAZRTD\domain users) groups=10000(BAZRTD\domain users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) >> >> net cache flush >> >> - Assigned a UID + Primary Group, shell. ( testing Primary group : testgroup ) >> id testuser >> uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) groups=10000(NTDOM\domain users),3000009(BUILTIN\users) >> ? no primary group/GID as i did set. >> >> net cache flush >> >> - Going to Tab : Member of group. >> Added group t...

...joined with net ads join, dns updated correctly and host is able to resolv domain names, followed the howto on samba wiki, tried also by installing from source with parameters suggested in but with no luck) NOTE: disabled iptables and selinux in this test environment NOTE: created testuser and testgroup with windowsRSAT (AD users&computers) and filled the UNIX attributes tab.. so I suppose at least for that 2 user and group I have correctly set UID GID ____________________config files_______________________________ ##############/etc/samba/smb.conf [global] workgroup = MY security...

...main from gui and command line. Samba Version 4.12.6 Here a small bash script to setup an example via command line: ============= #!/bin/bash # variables used in the script TestOU="TestSamba-OU-OWNER-RIGHTS" TestUser="TestSamba-User-OR" TestUserPWD="TestUserPW1!" TestGroup="acl-ad_TestSamba-Group-OR_ou-rw" Base_OU_DN="DC=ad,DC=something,DC=com" Group_OWNER_RIGHTS="OWNER RIGHTS" AD="AD\\" Test_OU_DN="OU=${TestOU},${Base_OU_DN}" # delete Test_OU_DN ( might be necessary to run script multiple times ) # samba-tool ou d...

...000(BAZRTD\domain users) > >> groups=10000(BAZRTD\domain > >> users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) > >>>> net cache flush > >>>> > >>>> - Assigned a UID + Primary Group, shell. ( testing Primary group : > >> testgroup ) > >>>> id testuser > >>>> uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) > >> groups=10000(NTDOM\domain users),3000009(BUILTIN\users) > >>>> ? no primary group/GID as i did set. > >>>> > >>>> net cache fl...

...ame works great, but the @group oder +group statement does not work. But the users in the @group does never get access to the shares! I'm using Samba 3.2.5-4 on Debian Lenny the LDAP server is located at an Debian Etch system. But this ldap server works quite good. My LDAP group information: testgroup (S-1-5-21-4204975087-1903821728-268752978-1001) -> testgroup getent group | grep testgroup testgroup:*:1001:wpkg,genanntftk My LDAP export: dn: cn=testgroup,ou=Groups,dc=pogo,dc=local,dc=lan objectClass: posixGroup objectClass: top objectClass: sambaGroupMapping cn: testgroup gidNumber: 1001...

...ut sometimes it randomly breaks. Here is an example of a share's configuration: [testshare] comment = Test Share path = /test/testshare writeable = yes create mask = 770 directory mask = 770 if the share's directory has the following permissions: drwxrwx--- 2 root DOMAIN\testgroup 4096 Dec 7 14:54 testshare Then, anyone in the "DOMAIN\testgroup" should have read/write access to the share, correct? Instead, when I try to access the share, I get prompted for credentials, and then get denied. The following error is displayed in SMB logs: ==> /var/log/samba/__f...

...000338(BAZRTD\testuser) gid=10000(BAZRTD\domain users) >> groups=10000(BAZRTD\domain >> users),3000338(BAZRTD\testuser),3000009(BUILTIN\users) >>>> net cache flush >>>> >>>> - Assigned a UID + Primary Group, shell. ( testing Primary group : >> testgroup ) >>>> id testuser >>>> uid=10128(NTDOM\testuser) gid=10000(NTDOM\domain users) >> groups=10000(NTDOM\domain users),3000009(BUILTIN\users) >>>> ? no primary group/GID as i did set. >>>> >>>> net cache flush >>>> >>&...

...ch server has it's own entry, but all use the same SID. This setup is not exactly pretty, but it "works". Still, unexpectedly Samba on server01 sees groups in other branches than "ou=server01,ou=smb,ou=Groups" (with "net groupmap list"). example: - group is cn=testgroup,ou=server02,ou=smb,ou=Groups,dc=domain,dc=tld - on server01 this group is visible with "net groupmap list ntgroup=testgroup" - "getent group testgroup" does not work (as expected) Why is this? thx matthias

.... >> >> This setup is not exactly pretty, but it "works". Still, unexpectedly >> Samba on server01 sees groups in other branches than >> "ou=server01,ou=smb,ou=Groups" (with "net groupmap list"). >> >> example: >> - group is cn=testgroup,ou=server02,ou=smb,ou=Groups,dc=domain,dc=tld >> - on server01 this group is visible with "net groupmap list >> ntgroup=testgroup" >> - "getent group testgroup" does not work (as expected) >> Why is this? >> >> thx >> matthias >> &...

...squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5 ntlm_auth seems to report the membership of some groups correctly, but incorrectly for others. Checking the group membership using getent, shows that the user "matt" belongs to the "Domain Admins", "Domain Users" and "TestGroup" groups. ~$ getent group -s winbind | grep matt VM-DOMAIN\Domain Admins:x:10002:VM-DOMAIN\Administrator,VM-DOMAIN\matt VM-DOMAIN\Domain Users:x:10000:VM-DOMAIN\Administrator, <snip....>, VM-DOMAIN\matt VM-DOMAIN\TestGroup:x:10022:VM-DOMAIN\Administrator,VM-DOMAIN\mat...

I am having a problem getting Samba to use the linux group membership when following a symlink. On the Linux side, I have a soft link from the user's home directory to the shared directory. ln -s /home/shared/testgroup testshare In the smb.conf I have: [homes] comment = Home Directories browseable = no writable = yes valid users = %S force create mode = 0660 delete readonly = yes map archive = no case sensitive = yes follow symlinks = yes [testshared] comment = Test Shared bro...