Question to the Samba-Developer

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Question to the Samba-Developer

Holger Wesser
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there,

as mentioned in a thread before, I'm in trouble when trying to add a
local group via NT-Usermanager. I think the problem is the following
line in the smb.conf:

add group script = /usr/local/sbin/smbldap-groupadd -p "%g"

In this case, the only parameter that is handed over to the
smbldap-groupadd script is the name of the group ("%g"). Unfortunately
the script doesn't know, which type of group it has to create. By
default, it creates a global group. So is there a variable available,
that specifies the type of group?

I hope, you understand what I mean.

Greets,
Holger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCb5rXO0QDuZMdP0sRAoIfAJ4+DSVB4sE1pbKPqVH2IPvxZ6NaoQCfWiwj
SKC8zRYmGBPt90mlTzWKt68=
=gl1K
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|

Re: Question to the Samba-Developer

Tony Earnshaw
ons, 27.04.2005 kl. 15.59 skrev Holger Wesser:

> as mentioned in a thread before, I'm in trouble when trying to add a
> local group via NT-Usermanager. I think the problem is the following
> line in the smb.conf:
>
> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
>
> In this case, the only parameter that is handed over to the
> smbldap-groupadd script is the name of the group ("%g"). Unfortunately
> the script doesn't know, which type of group it has to create. By
> default, it creates a global group. So is there a variable available,
> that specifies the type of group?
>
> I hope, you understand what I mean.

I think that local groups can only be added on local machines. By
definition a Samba (P|B)DC is not a local machine, at any rate the Samba
people never designed it as such.

The regular Samba tools, plus the official Samba documentation, plus
diverse idiot "HOWTO"s, only make mention of sambaGroupType 2.

The reason for that is, that one can't add local groups to a site-wide
DOMAIN database. Reasonable, when one thinks about it.

Why the smbldap scripts should infer that one can I dunno. They do other
useless things, too, that prohibit me from using them at all.

--Tonni

--
Nothing sucksseeds like a pigeon without a beak ...

mail: [hidden email]
http://www.billy.demon.nl
 
They'll love us, won't they? They feed us, don't they? ...

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|

Re: Question to the Samba-Developer

Jerome Tournier
In reply to this post by Holger Wesser
Le Wed, Apr 27, 2005 at 03:59:51PM +0200, Holger Wesser a ecrit:
> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> by default, it creates a global group. So is there a variable available,
> that specifies the type of group?

You can use the -t option of smbldap-groupadd. Available values are:
-t group type
  set the NT Group type for the new group. Available values are
  'domain' (group type 2), 'local' (group type 4) and 'builtin'
  (group type 5). The default group type is "domain" (type 2).

Note that actual documentations are wrong. The value mus be domain, local
or builtin (not 2, 4 or 5).
--
Jerome
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
Reply | Threaded
Open this post in threaded view
|

Re: Question to the Samba-Developer

John H Terpstra - Samba Team
On Wednesday 27 April 2005 09:54, Jerome Tournier wrote:

> Le Wed, Apr 27, 2005 at 03:59:51PM +0200, Holger Wesser a ecrit:
> > add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> > by default, it creates a global group. So is there a variable available,
> > that specifies the type of group?
>
> You can use the -t option of smbldap-groupadd. Available values are:
> -t group type
>   set the NT Group type for the new group. Available values are
>   'domain' (group type 2), 'local' (group type 4) and 'builtin'
>   (group type 5). The default group type is "domain" (type 2).
>
> Note that actual documentations are wrong. The value mus be domain, local
> or builtin (not 2, 4 or 5).

In respect of Holger's need however, I am not aware of any way that the
required information can be passed from Samba to the "add group script". I do
not kow of any macro that can be used to pass that information across the
great divide between Samba and the script. This means that it may be
necessary either to default to management only of a "domain" group, or else
to specify the interface script parameters as:

   add group script = /opt/IDEALX/sbin/smbldap-groupadd -p %g -t domain

Does anyone have better insight into this?

- John T.
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba