How to add Windows Domain User to Linux Group (help)

keysys · 12-18-2012, 01:01 AM

Dear admin / Users,

Can you some one describe how to add windows domain user to Linux group ??

Thanks

acid_kewpie · 12-18-2012, 01:53 AM

not without a better description of your setup. is AD involved? where are these linux groups? how are you running this all?

keysys · 12-18-2012, 02:08 AM

Dear Chris,

Really Appropriated your prompt on regards.

As i have successfully integrate my Linux box (Cent OS) windows 2003 Domain Controller.

all my users are located on Domain Controller and i need to provide access rights to them by using samba share.so i need to add Specific user in my active directory to created Linux group

Example
Active directory users are - User01 / User02 / Admim
Create Linux Group as NTUSER and then need to specific user to created group in Linux on above user list

i checked wbinfo -g / wbinfo -u and its retrieved users and groups well.

acid_kewpie · 12-18-2012, 02:10 AM

So if the group is local to the linux server, then you can just add the AD username to the group in /etc/group (or via a tool like usermod). Is that what you mean?

keysys · 12-18-2012, 02:50 AM

Dear Chirs,

Usermod command not working with domain enviromanent

User Exist in active directory.

[root@filesvr /]# id internet1
uid=268442898(internet1) gid=268442898(internet1) groups=268442898(internet1),268435969(domain users),268440364(www-group) context=system_u:system_r:initrc_t

[B]when trying to add[/B]

[root@filesvr /]# usermod -G new internet1
usermod: user internet1 does not exist

successfully for local user (Linux users )

1.[root@filesvr /]# useradd cool
2.[root@filesvr /]# id cool
uid=501(cool) gid=507(cool) groups=507(cool) context=system_u:system_r:initrc_t
3.[root@filesvr /]# usermod -G new cool
4.[root@filesvr /]# id cool
uid=501(cool) gid=507(cool) groups=507(cool),506(new) context=system_u:system_r:initrc_t

Thank you,

acid_kewpie · 12-18-2012, 02:56 AM

oh, right so "getent passwd" doesn't show the users? And this group membership is just for share access as opposed to system logins? If this is for samba access, then I'd have thought you should be using AD to hold the group as well as the users. If it IS for system access, then you'd need to add winbind to /etc/nsswitch.conf to make the samba / AD sourced users available to the base system

keysys · 12-18-2012, 03:02 AM

Dear Chirs,

getent passwd is retrieved my local and domain user list as well.

Thanks

acid_kewpie · 12-18-2012, 03:22 AM

hmm, tried just adding it to /etc/group directly? Not sure why usermod won't add it.

keysys · 12-18-2012, 03:37 AM

Dear Chirs,

i added windows use to new group which was created recently.after that gave the file group owner right to specific folder and tried to access from windows Pc,but its not success.

1.vi /etc/groups
new:x:506:cool,internet1
2.change the folder group as "chgrp new samba-test"
3.change the permission as drwxrwx--x on samna-test
4.try to access group user but unable

when i gave the add my domain user as the owner of the folder then windows user have full access on it.
1.chown internet1 samba-test
2.change the permission as drwx------
3.try to access from windows machine & its success.