Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
07-21-2004, 10:53 PM
|
#1
|
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Rep: 
|
Map Windows NT Groups to UNIX Groups - why?
Code:
#!/bin/bash
#
# initGrps.sh
#
# Create UNIX groups
groupadd acctsdep
groupadd finsrvcs
# Map Windows Domain Groups to UNIX groups
net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody
# Add Functional Domain Groups
net groupmap add ntgroup="Accounts Dept" unixgroup=acctsdep type=d
net groupmap add ntgroup="Financial Services" unixgroup=finsrvcs type=d
# Map Windows NT machine local groups to local UNIX groups
net groupmap modify ntgroup="Administrators" unixgroup=sys
net groupmap modify ntgroup="Users" unixgroup=public
net groupmap modify ntgroup="Guests" unixgroup=nobody
net groupmap modify ntgroup="System Operators" unixgroup=daemon
net groupmap modify ntgroup="Account Operators" unixgroup=wheel
net groupmap modify ntgroup="Backup Operators" unixgroup=bin
net groupmap modify ntgroup="Print Operators" unixgroup=lp
net groupmap modify ntgroup="Replicators" unixgroup=kmem
net groupmap modify ntgroup="Power Users" unixgroup=ntadmin
6. Q: Why must I map Windows Domain Groups to UNIX groups?
A: Samba-3 does not permit a Domain Group to become visible to Domain network clients unless the account has a UNIX group account equivalent. The Domain groups that should be given UNIX equivalents are: Domain Guests, Domain Users, Domain Admins.
I got this snippet from www.samba.org, entitled "Samba-3 by Example"
I manage to get Samba working with domain logons without running anything from above, is it related? |
|
|
|
|
07-22-2004, 01:59 AM
|
#2
|
|
Guru
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,817
|
You only need to do that if you want to have your Windows users organized by groups and have group permissions.
|
|
|
|
|
07-22-2004, 05:45 AM
|
#3
|
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
Thanks for the reply! 
Are the last few lines of my /var/log/messages related to this issue?
Code:
Jul 20 15:05:22 redhat32 smbd[4888]: [2004/07/20 15:05:22, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1397)
Jul 20 15:05:22 redhat32 smbd[4888]: failed to decode PDU
Jul 20 15:05:22 redhat32 smbd[4888]: [2004/07/20 15:05:22, 0] rpc_server/srv_pipe_hnd.crocess_request_pdu(605)
Jul 20 15:05:22 redhat32 smbd[4888]: process_request_pdu: failed to do schannel processing.
Jul 20 15:05:23 redhat32 smbd[4888]: [2004/07/20 15:05:23, 0] smbd/service.c:set_current_service(56)
Jul 20 15:05:23 redhat32 smbd[4888]: chdir (/home/samba/netlogon) failed
Jul 20 15:05:24 redhat32 smbd[4888]: [2004/07/20 15:05:24, 0] smbd/service.c:set_current_service(56)
Jul 20 15:05:24 redhat32 smbd[4888]: chdir (/home/samba/netlogon) failed
Jul 20 15:05:33 redhat32 smbd[4888]: [2004/07/20 15:05:33, 0] rpc_server/srv_util.c:get_domain_user_groups(376)
Jul 20 15:05:33 redhat32 smbd[4888]: get_domain_user_groups: primary gid of user [redhat32admin] is not a Domain group !
Jul 20 15:05:33 redhat32 smbd[4888]: get_domain_user_groups: You should fix it, NT doesn't like that
|
|
|
|
|
07-24-2004, 10:13 PM
|
#4
|
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
*bump*
|
|
|
|
|
10-16-2007, 11:52 AM
|
#5
|
|
Member
Registered: Aug 2003
Distribution: Dead Rat
Posts: 167
Rep:
|
Yes, that's the "NT doesn't like that" error.
Map the group the log is whinging about, and you will not only eliminate that error message, you will significantly speed up the login process for the client machine.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 10:22 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
