Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am having an issue and I am hoping that it is not just a limitation of Linux. I really want to get rid of some Windows fileservers.
I have Fedora Core 1 and Samba 3.0.2 configured with ADS security and all appears to be working well. I can do a "wbinfo" and "net group" and get the desired results. I can also map a drive using ADS security. However, the problem is the Linix will only recognize that a Windows AD user is only a member of one group and the Samba SWAT status screen seems to reflect this. It appears that Samba will only recognize that users primary group and none of the others that he/she belongs. This extremly reduces my security options in file and directory permissions.
Is there a way to get Samba 3.0.2 to recognize all the groups in AD that a user belongs? Also, is it true that Linux can only have three permissions on a directory or file? (1 user, 1 group, and others)
Im not a master on this issues but, aren't you mixing domain groups with Linux/unix groups? or am I?
As far as I know (which isn't much) you can have network groups and or belong to a Domain using Samba as a Primary Domain Controller (recomended), and the groups you see on the SWAT or Webmin are the Linux/Unix groups, there is where you actually set users and their permissions.
BTW. use Webmin, it has a Samba module which works very well, and you can see the primary linux group and the secondaries aswell.
And yes you can have three types of permissions users, groups and others (uuugggooo) each one of these with read,write and execute.
In my personal experience I have a network with 18 people connected, I use samba as a PDC to control access to a domain, and also as a file server to give access to each ones files and some comon files.
I created various user groups on the unix server with users and different levels of access on each group. I Then synchronized the groups with the Samba Groups via Webmin, don't remember how to do it manually
Unfortunately I work for a medium sized company and need the functionality of multiple groups. I am still trying to figure out a way around the one user/group/others limitation that Linux uses. I need to assign many different levels of security to the same location.
I did find some information that version 3.0.2 has several bugs, one of them being the multiple group usage. It is supposed to be fixed in the next release. The workaround is to set "Use default Domain" to "no". That is supposed to make the multiple groups work, but I have not tried it yet.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Samba and Windows Primary Group
