[KLUG Advocacy] samba and ldap and heimdal

Mike Williams knightperson at zuzax.com
Mon Apr 4 15:13:19 EDT 2005


>From: Dirk H Bartley <bartleyd2 at chartermi.net>
>
>On Mon, 2005-04-04 at 11:18 -0400, Adam Tauno Williams wrote:
>
>>>> > All local groups modified through user manager for domains are using the
>>>> > sambaSIDList attribute and ignoring the member.  I'm assuming this will
>>>> > make this group useless for linux machines.  This can be seen in my
>>>> > "Backup Operators" group object as an example.
>>>
>>> Ah.  What do these local groups actually do?  I have them (as in they
>>> exist) but I've never seen them actually used for anything.
>>> 
>
>Local groups can contain a global group as a member.  Global Groups can
>only contain users.
>
>It was m$ way of avoiding cascading group owning a group membership.
>This limits the cascade membership level to 1.
>
>Dirk
>
That was the case in NT4 and W2K, and it was a good idea.  I think MS 
has added a few ways that you can break that rule in a native mode 
Server 2003 tree.  Some global groups are more global than others, or 
something.  I can look it up if anybody really cares.


