I have a Redhat ES 6 server that's successfully joined to a domain via Winbind (i.e. I can login to the Redhat server using domain credentials with no issues).
What I'm looking to do at this point is configure Winbind to automatically add users to a local group based on their domain group. So, for example, say my username on the domain is "DOMAIN\coledot" and I'm a member of the domain group "Arbitrary Group". In my /etc/group file on the Redhat machine, I have the local group "testgrp" defined:
testgrp:x:10506:
If my understanding of the Samba/Winbind groupmap documentation is correct, I should be able to map the local group "testgrp" to the domain group "Arbitrary Group" by using the net groupmap
command:
net groupmap add ntgroup="Arbitrary Group" unixgroup=testgrp type=d
Running net groupmap list
confirms the mapping is created:
root@host # net groupmap list
[...]
Arbitrary Group (S-x-x-xx-xxxxxxxxxx-xxxxxxxxx-xxxxxxxxx-xxxx) -> testgrp
However, when I run the groups
command, even though my user shows up as part of the "Arbitrary Group" group, "testgrp" is nowhere to be found.
My question is twofold:
1) Is my understanding of net groupmap
correct?
2) How can I accomplish my original task (map domain user to local group via domain group)?