Enhancement #2792
Samba: map local users to Domain Users
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-samba | |||
Target version: | v6.5 | |||
Resolution: | NEEDINFO: | No |
Description
When the server is configured as a PDC, the locals
unix group is mapped to a Samba group called with the same name.
Probably, the expected behavior is that locals
unix group is mapped to Domain Users
Samba group.
On a running machine, this can be achieved with these commands:
SID=`net getlocalsid | cut -d' ' -f6`; net groupmap add ntgroup="Domain Users" unixgroup=locals sid=$SID"-513" net groupmap delete ntgroup="Domain Users" net groupmap delete ntgroup="locals"
Should this mapping be the default on a PDC system?
Related issues
Associated revisions
Domain Users NT group is now mapped to "locals". Refs #2792
nethserver-samba-netcacheflush: clear ID map cache on relevant events. Refs #2792
nethserver-samba-netcacheflush: fixed shell shebang. Refs #2792
History
#1 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- Target version set to ~FUTURE
- % Done changed from 0 to 20
#2 Updated by Filippo Carletti almost 7 years ago
- Target version changed from ~FUTURE to v6.5
#3 Updated by Davide Principi almost 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
On branch b2803 Refs #2803
#4 Updated by Davide Principi almost 7 years ago
- Related to Enhancement #2803: Edit workgroup name when role is Workstation added
#5 Updated by Davide Principi almost 7 years ago
- Related to Bug #2733: Domain Administrators rights not enforced by workstations added
#6 Updated by Davide Principi almost 7 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Test case 1
Install the modified package on a clean system.
# wbinfo -G `getent group locals | cut -d : -f 3` S-1-5-21-...-513
RID must be 513
, and domusers
must NOT exist
Test case 2
Update an existing installation, re-execute the same checks of Test case 1.
#7 Updated by Davide Principi almost 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-samba-1.4.5-1.14git5c2b63f.ns6.noarch.rpm
#8 Updated by Giacomo Sanchietti almost 7 years ago
- Assignee set to Giacomo Sanchietti
#9 Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
Test case 1
Test case 2
[root@localhost ~]# wbinfo -G `getent group locals | cut -d : -f 3` S-1-5-21-4115209966-4004303613-1871331273-513
Created a new user t1
:
[root@localhost ~]# net rpc group members locals Enter root's password: LOCALHOST\admin LOCALHOST\t1 [root@localhost ~]# net rpc group members "Domain Users" Enter root's password: LOCALHOST\admin LOCALHOST\t1
#10 Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-samba-1.4.6-1.ns6.noarch.rpm