Active Directory and Groups
Beck, Forrest
forrest at da.org
Thu Feb 13 12:29:54 PST 2003
Hopefully my question is an easy one.
Trying to setup groups in active directory and give permissions to shares on my
Xserver with these groups.
What information is needed by OS X to understand members of the group. -OR-
What attribute needs to be mapped under Directory Access for Groups? I notice
now that it maps to userlist, but there isn't a user list attribute inAD.
When looking at lookupd for by group "students"
I get:
[xserver:~] admin% lookupd -d
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> groupWithNumber: 777
Dictionary: "LUServer: group gid 777"
gid: 777
name: students
users: CN=Mac,CN=Users,DC=test,DC=com
+ Category: group
+ Time to live: 60
+ Age: 0 (expires in 60 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 3
>
The current user listing is coming from Active Directories "members" attribute,
which is modified when adding users to a group.
Am I on the right path?
Does OS X need a interger instead of Distinguished Name?
Thanks!
Forrest Beck
More information about the X-Servers
mailing list