samba-users May 2010 archive
Main Archive Page > Month Archives  > samba-users archives
samba-users: [Samba] Restricting file server access by group

[Samba] Restricting file server access by group

From: Alex McKenzie <alex_at_nospam>
Date: Tue May 18 2010 - 15:48:43 GMT
To: samba@lists.samba.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is for the same file server I wrote about earlier.

I would like to restrict access by group, as defined in LDAP. The
obvious solution is to add a filter to the login LDAP search that
restricts to gidNumber=10038 or 10001, since those are the groups I
need. From what I'm seeing, I need to add that to /etc/ldap.conf in the
 nss_base_ section, but how to do it isn't clear.

Do I just enter it as a standard LDAP filter? In this case, I think I'd
want (|(gidNumber=10038)(gidNumber=10001)), but it's really not clear
the syntax really isn't clear from the file. Would it just be

nss_base_passwd (|(gidNumber=10038)(gidNumber=10001))?one

That's what it looks like, anyway... if anyone can give me an answer,
or at least point me towards a good source of documentation on this, I'd
appreciate it.

Thanks,
  Alex McKenzie
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkvyttoACgkQWFYfIucpZ2ObvgCfSM9nizx9FgEwHJ+RDAGG6v/Q
C8EAn3C4d7rznRFcdLT/T/qL74lpPAY8
=uSMj
-----END PGP SIGNATURE-----
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba