[THIN] Re: Samba group problems
- From: Michael Earley <Michael.Earley@xxxxxxxxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Wed, 26 Mar 2003 09:31:57 +1000
Give up, run away, very fast.
Apparently not even Samba 3 is going to have this interoperability. The
problem is that Unix/Linux can't pass on the ACL (Access Control List)
information to Windows machines.
We have a Linux/Samba domain controller, and have an ongoing NIGHTMARE with
interoperating with a Windows Server/workstation environment. You CANNOT
use domain groups, not even "domain users" - which makes adding new users to
the network a pain as you have to go to the extra step of manually adding
each user into the published application list. You also can't have multiple
levels of access control on anything that you have on the Samba server -
it's either group, user or all. You can't assign group A to have total
access but group B to have read-only but not execute and group C to have
read and execute.
The only reason we still have this nightmarish situation is because the
person in charge is rabidly anti-Microsoft. :(
I don't know what the size of your organisation is, but I would STRONGLY
recommend that you investigate using at least a Windows NT4 domain
controller, if not Windows 2000/2003 with Active Directory. The initial
financial outlay should be compared with the ongoing hassles you are
guaranteed to have.
Regards,
--
Michael Earley, CCA
Citrix, Windows, Exchange Administrator
Ph: 3864 0244 ; Mobile: 0400 508 040
E-mail: Michael.Earley@xxxxxxxxxxxxxx
--------------------------------------------
Queensland Studies Authority
--------------------------------------------
Level 7/295 Ann Street, Brisbane, QLD Australia 4000
Ph: (+617) 3864 0299 Fax:(+617) 3221 2553
----------------------------------------------------------------------------
You cannot achieve what you have not first imagined ...
----------------------------------------------------------------------------
-----Original Message-----
From: John Price [mailto:JPrice@xxxxxxxx]
Sent: Wednesday, 26 March 2003 1:38 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Samba group problems
Environment:
Linux servers, running Samba 2.2.7. No Windows NT or 2000 domain controllers
or servers except for the MetaFrame servers that are members of the domain,
they are win2000, SP3, XPe FR2.
Problem:
When publishing an app, you cannot select any domain groups. All of the
groups in Server Manager show up as "UNIX local group". When you try to add
a group in the "Users" tab of the published app, only users show up, no
groups appear.
I have heard that Samba 2.x does not support domain-level groups. Is this a
Samba limitation, or am I having problems communicating between the Samba
LDAP domain and the Win2000 servers?
Any input would be appreciated, Thanks.
John
********************************************************
This Week's Sponsor - Emergent Online
EOL's Universal Printer new Features include:
Network Printing, Pagestreaming, 2400 DPI.
No Client Software Required!
http://www.go-eol.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This email (including any attached files) is for the intended recipient(s)
only. If you received this email by mistake, please, as a courtesy, tell the
sender, then delete this email.
The views and opinions are the originator's and do not necessarily reflect
those of the Queensland Studies Authority. All reasonable precautions have
been taken to ensure that this email contained no viruses at the time it was
sent.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
********************************************************
This Week's Sponsor - Emergent Online
EOL's Universal Printer new Features include:
Network Printing, Pagestreaming, 2400 DPI.
No Client Software Required!
http://www.go-eol.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
