LinkBack URL
About LinkBacksI have a new linux machine set up and it is joined to the domain. I want to enable a map so that the local 'adm' group on the linux machine contains the 'Domain Admins' group of the AD.
Does anyone know how to do this?
I have a new linux machine set up and it is joined to the domain. I want to enable a map so that the local 'adm' group on the linux machine contains the 'Domain Admins' group of the AD.
Does anyone know how to do this?
And, to answer my own question.
You use 'net group add/modify'.
And on Ubuntu group maps are already set up but are set to null (so Domain Admins -> -1) so you have to use 'net group modify ntgroup="Domain Admins" unixgroup=blah.
Well I seem to have a problem. I am trying to set up CUPS + Samba (and eventually pykota).
I have the machine joined to the domain fine, I have used the net group modify command to map Domain Admins -> adm etc... but when I set up the samba print$ share (per http://us1.samba.org/samba/docs/man/...-printing.html) I add @adm as a write list member for the share and also @adm as 'printer admin' in the [printers] share details.
When I try and follow the instructions for adding drivers to the share via the windows method, the driver list is empty and the 'Add Driver' button greyed out. I am guessing that this is due to the group mappings not working properly.
Any advice?
Can you not just give write to @"Domain Admins" instead of adm?
hmm... I hadn't tried it without the domain in front of it. I'll try and see.
If getent passwd and getent group include domain users and groups, then I don't see why it shouldn't work.
Tried it and it still doesn't work. Any other ideas?
I presume you've tried the usual wbinfo with '-u', '-g' and '-a user%pass' to test everything's working?
Yep. getent works fine. I have the full lists working. And the wbinfo is working fine too.
All the authentication stuff works fine, it just seems to be the use of iit for checking share permissions.
you need to use 'net groupmap' to associate the correct SSID for Domain Admins with a local unix group.
I already have done that... (I mistyped my earlier message). I have Domain Admins -> adm, Domain users -> users and Domain Guests -> nobody.
Maybe of no help at all but I can't get proper adminstrative remote control of my Ubuntu/CUPS/Samba printerserver and thats on a peer to peer network with no security at all.
I believe that CUPS adminstration is broken on Ubuntu due to philosphicall differences (eg geek war) in the community.
This info is 4 months old so maybe things have changed?
regards
Simon
I think that deserves a separate thread SimpleSi.
@geoff - not looking for any help - just saying I believe CUPS adminstration is broken under Ubunutu and maybe that's why options are greyed out and not actually a permissions problem.
regards
Simon
I think I'll go over to the ubuntu forums site and post about it.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote