Groups module

8.1.2. Groups module#

In Nubus, you manage groups through the Groups management module. You find the module in the Domain category of the Management UI Fig. 8.3 shows the module for creating a group. The following sections describe the tabs in the Groups management module:

For information about group management, see Groups module.

Creating a group through the Group management module

Fig. 8.3 Creating a group through the Group management module#

8.1.2.1. General tab - Group management#

Name

Defines the name of the group. For recommended characters for the group name, see Recommendation for group name definition.

Description

For a description of the group.

Users

Add users as members to the group.

Groups

Add other groups as members of the current group. It turns the current group into a nested group. See Group nesting with groups in groups.

8.1.2.2. Advanced settings tab - Group management#

Mail

This part defines a mail group. For details, see Management of mail groups.

Host members

Add computer host objects as members to the group.

Member of

Add other groups. The current group becomes member of the other groups listed here.

Group ID

If you want to assign a certain ID to the group, you can set it here when creating a group.

Otherwise, Nubus automatically assigns the next available group ID to the group when you create it. You can’t change the group ID subsequently. The Group management module then shows the ID as read-only field.

The group ID may consist of integers between 1000 and 59999, and between 65536 and 100000.

Windows ‣ Relative ID

The relative ID (RID) is the local part of the Security ID (SID) that Windows and Samba domains use.

If you want to assign a certain RID to the group, you can set it here when creating a group. Otherwise, Nubus automatically assigns the next available RID to the group when you create it. You can’t change the RID subsequently. The Group management module then shows the RID as read-only field.

If you use Samba/AD, Samba creates the RID and you can’t specify it.

Standard groups and special objects reserve RIDs below 1000.

Windows ‣ group type

Nubus evaluates the group type when a user signs in to a Samba/AD based domain. The following group types exist:

Global Groups

are known across the domain. This is the default group type.

Local groups

are only relevant on Windows servers.

Well-known group

This group type covers groups preconfigured by Samba/Windows servers which generally have special privileges, such as Power Users.

Windows ‣ AD group type

Only the login procedure in a Samba/AD based domain evaluates this group type upon user sign-in. For more information, see Synchronization of Active Directory groups when using Samba/AD.

Windows ‣ Samba privileges

Use this field to assign Windows system rights to a group, for example, the right to join a Microsoft Windows client in the domain. The field is equivalent to Samba privilege in Account tab - Users management.

8.1.2.3. Options settings tab - Group management#

This tab is only available when adding groups, not when editing groups. You can clear certain LDAP object classes for the group here. After group creation, you can no longer edit the fields.

Samba group

This checkbox indicates whether the group contains the LDAP object class sambaGroupMapping.

POSIX group

This checkbox indicates whether the group contains the LDAP object class posixGroup.

On this page