Network and Storage Protocols

Possible to map whole AD Group to unix user or group?

leonid_karchevsky
2,593 Views

I need to provide access to Windows AD users (that are members of "ContribFTP") to a UNIX Volume (via CIFS share).

I want to map all of them to a specific UNIX user ("uxuser" for example).

It works great when I put users individually into /etc/usermap.cfg (i.e. *\user1 => uxuser), but I don't want to put every user in usermap.cfg and maintain it every time we add new user.

Is it possible to map ALL users inside "ContribFTP" group to "uxuser" ?

Adding entry to /etc/usermap.cfg:

*\contribftp => uxuser

doesn't work

If it's impossible, what about Windows (AD) group to UNIX group mapping? I didn't see such file (i.e. /etc/groupmap.cfg) anywhere...

1 REPLY 1

aborzenkov
2,593 Views

As far as I know it is not possible. Also Windows does not really have notion of “primary group” for a user.

Public