Date: Tue, 02 Aug 2005 22:20:33 -0400 From: Tom McLaughlin <tmclaugh@sdf.lonestar.org> To: freebsd-questions@freebsd.org Subject: samba 3 and local wheel group membership Message-ID: <1123035633.93661.78.camel@compass.straycat.dhs.org>
next in thread | raw e-mail | index | archive | help
[DISCLAIMER: The box in question is a CentOS machine but wheel group usage isn't common in the Linux world so I'm hoping another FreeBSD user has run into this.] I have a box at work running Samba 3 which I have added as a domain member to an existing Windows domain with a Windows (I believe NT4) PDC. The box running Samba has no local unix users and groups except for root and the other builtin accounts. All user authentication is done through pam_winbind and user information is handled by inbind. What I would like to do is have users that are members of the Windows domian's Server Admin group gain membership to the local unix wheel group when they login via ssh to the domain member. This is mainly to make sudo happy which doesn't seem to like group names with spaces in them. I've read chapters 11 and 12 of the Samba How-To but their instructions appear to be geared towards mapping a domain group to a unix group from the PDC running Samba. I've tried the following on the domain member running Samba based on the How-To: net groupmap add unixgroup=wheel ntgroup="Server Admin" But when I ssh in as my user and run `groups` I do not see myself as a member of the wheel group. I also can't alter files with wheel write permissions. Has someone else setup their box so domain users that are members of a particular Windows domain group become members of the local unix wheel group upon login? Should I be making changes directly on the PDC and not through Samba to accomplish this? Thanks. Tom -- BSD# Project - Mono on FreeBSD http://www.mono-project.com/Mono:FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1123035633.93661.78.camel>