[KLUG Advocacy] samba and ldap and heimdal
Adam Tauno Williams
adam at morrison-ind.com
Mon Apr 4 11:59:56 EDT 2005
> > > All local groups modified through user manager for domains are using the
> > > sambaSIDList attribute and ignoring the member. I'm assuming this will
> > > make this group useless for linux machines. This can be seen in my
> > > "Backup Operators" group object as an example.
> > Ah. What do these local groups actually do? I have them (as in they
> > exist) but I've never seen them actually used for anything.
> Local groups can contain a global group as a member. Global Groups can
> only contain users.
> It was m$ way of avoiding cascading group owning a group membership.
> This limits the cascade membership level to 1.
Ah, yep, I remember that now. But I'm still unclear if local groups on
the Samba server do or are-meant-to-do anything meaningful. NSS
certainly isn't going to understand the membership cascade (although it
is a very neat idea).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.kalamazoolinux.org/pipermail/advocacy/attachments/20050404/4bb833cc/attachment.bin
More information about the Advocacy
mailing list