group mapping samba / ldap
 

Hello,

I'm trying to set specific permissions for a group I have created in samba. There is no standard windows group to map to so I am lost as to how to set permissions or security access to these samba groups so they will pertain to windows.


I have samba PDC with ldap backend.. I use am using thin clients to log into a terminal server and want to assign specific access rights as an example to use MSword.


I would appriciate any direction to be pointed.. I've read up on net groupmap but have yet to see how this will pertain to newly created groups..

Samba is a service that runs on a Linux machine.

To control access to the Linux box, you need set access rights to a Linux user or group account.

To control access to a Samba user or group, you need to link (map) the Samba account or group to a Linux account or group.

The process is as follows:

1. Create a Linux group
2. Create a Samba group and map it to the Linux group.
3. Set the access controls on the Linux group. They will be applied to the Samba group to which it is mapped.

I am not sure how you create your groups in Samba. If you are using the smbldap-tools, the Linux groups will be created in ldap when you create the samba groups.

If you look at your group record in ldap, you should see Posix (Linux) group information as well as Windows (Samba) group information.

In other words, the single ldap entry should create the Linux group and the Samba group.

That should take care of steps 1 and 2.

You should now just have to do step 3.