I'm working on an application which collects data on groups. In my application I need to collect data and the residing users of local groups and send meta-data on domain-controlled groups.
My problem is, given such remote group (using getent group groupName) how can I determine its domain?
If you are using winbind to authenticate with your AD domain, then you can use the wbinfo command to get this information:
To list all domain groups:
$ wbinfo --domain-groups unix_group1 unix_group2 DOM2+windows_group1 DOM2+windows_group2 DOM3+windows_group3 This option will list all groups available in the Windows domain for which your host is operating in. Some groups are listed with the preceeding domain name (DOM2+). The ones without a domain name are from the local domain.
To establish the hosts own domain to which it belongs:
$ wbinfo --own-domain DOM1 To list all domains that the hosts samba daemon is operating in:
$ wbinfo --domain-groups DOM1 DOM2 DOM3 To confirm the group membership, you can set the domain to search in then check for domain groups:
$ wbinfo --domain DOM1 --domain-groups | grep unix unix_group1 unix_group2 
net ads group type comnbinations to try to get the answer for you that way, however, I could not get a viable solution to providing the domain for each group. Good luck...