I only had one issue that required changing some code. I wouldn't have found the issue because I usually edit the smb.conf file in my favorite text editor (vim) but I was talking a partner though viewing a share with swat and found a bug in swat.
First the only way I could find to use the NT domain groups in the smb.conf file (found absolutely no examples anywhere) was this format:
valid users = @"MYDOMAIN+Domain Admins"
The domain MYDOMAIN has the "Domain Admins" group that I wanted to grant access to a share so you use the "@" just like with UNIX groups and the group name. With winbind the group name shows up in the form of "DOMAIN+Group". And because a lot of NT domains contain a "space" in their name they need to be quoted. The only way of quoting that I found that would work is in my "valid users" example above.
Now, "swat" doesn't expect any quote marks in the string of groups and when I view the properties of that share in swat I get just an "@" and nothing else. I realized that was because in the HTML the tag looked like:
value="@"MYDOMAIN+Domain Admins""
So you can see why only the "@" was displayed. I then started looking over the source for swat (it's a C program) and found where it spit out those types of form elements (only two places need a simple change). Now the HTML that it spits out looks like:
value='"@"MYDOMAIN+Domain Admins"'
I just replaced the double quotes in the value tag with single quotes, recompiled, and it works like a champ. And no you can't use single quotes in the group name, tried that first and it doesn't work. I wouldn't have had to change the swat code if it did work.
At any rate, it seems to be working perfectly. Will be doing more heavy duty testing tomorrow probably.
