Adding domain users to local group

Hey Guys,

I’m having trouble adding domain users to local groups (/etc/group). This is normally trivial, and on other distributions normally involves adding the user like any other user, in the format “domain\username”, sometimes with a double backslash or a plus sign instead. I’ve tried many formats and simply cannot get OpenSUSE to add domain users to the group in /etc/group. I check success by running groups afterwards, or by trying to edit a file that the group has read/write access to.

Can anyone point me in the right direction here?

Thanks

I’m not quite sure what you’re trying to do - normally in a domain environment (If you’re using AD) you would query the AD for the groups and those would be added to the user on top of normal group permissions.

Explain your setup in detail? Or at least some information as to how you’ve set it up.

And please also first and foremost tell what you are using. Which version of openSUSE? Is this SAMBA?

Sorry, I’m using OpenSUSE 13.1. I enabled Active Directory integration via the Yast control panel. Nothing fancy, just using out-of-the-box functionality. Under SLES 11 SP3, I use to be able to add domain users to local groups like “www” by simply adding “DOMAIN\user” to /etc/group, but this does not seem to work under OpenSUSE 13.1. If I run groups I can obviously see all the domain groups I’m a member of… oh wait, I’ve just noticed adding “DOMAIN\user” does work. It requires you to re-login for it to take effect by the looks of it. God ****, oh well, all good. Here’s what it looks like.


root:x:0:
bin:x:1:daemon
daemon:x:2:
sys:x:3:
tty:x:5:
disk:x:6:
lp:x:7:
www:x:8:DOMAIN	omw
...

On 2014-10-17 01:16, tomwardrop wrote:

> but this does not seem to work under OpenSUSE 13.1. If I run groups I
> can obviously see all the domain groups I’m a member of… oh wait, I’ve
> just noticed adding “DOMAIN\user” does work. It requires you to re-login
> for it to take effect by the looks of it. God ****, oh well, all good.
> Here’s what it looks like.

Yes, you have to login again so that group modifications are seen by
that user. Don’t you need to do the same in SLES? Curious. Why would be
that? :-o?


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

You probably do have to do the same in SLES. We’ll put this one down as user error shall we :wink: