Web lists-archives.com

Re: [Samba] Upgraded a member server to 4.8, rfc2307 data?




On Thu, 6 Sep 2018 14:20:42 +0200
Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Mandi! L.P.H. van Belle via samba
>   In chel di` si favelave...
> 
> > And in addition to Rowland comment, i'll show how i use it. 
> 
> Thanks. I add a note myself.
> 
> Only 'non-primary groups' get listed in memberOf/member data in LDAP,
> so if you need to get 'group membership' for other tools/app/... you
> 'lost' (apart doing some complex queries...) the default group.
> 
> I've found web interfaces that are able to do also 'nested group
> expansions', but (by default) does not lookup primaryGroupID/gidNumber
> (because, indeed, is a totally different query).
> 
> 
> So, probably the best thing to do is to keep 'Domain Users' as default
> group and stop.
> 

I have never understood why people want different primary groups for
Unix users in AD. You can get something similar by denying access to a
share from the 'Domain Users' group and allowing access from another
group.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba