[Samba] Windows group file permission problem
Colht, Charles
Charles.Colht at acsalaska.com
Wed Oct 19 17:16:45 GMT 2005
CentOS 3.5
samba3-3.0.20a-24
Security ADS
I can't get windows group permissions on shares to work except for 'domain users'. The windows group I am trying to use is Unix.Samba. This group does not exist on the linux box. It resolves correctly using getent group and when I chgrp files to unix.samba, ls shows the group ownership as Unix.Samba. getent group shows this group with the proper members. From XP, I am logged in with an account in this group. But if I try to access files, I get denied if the files aren't world read/write.If I change the unix group on the file to 'Domain users' it works. I noticed in swat if I look at status, my group is listed as 'Domain Users'. I assume this is my default group.
What am I doing wrong? Sorry about the long post.
Chuck
smb.conf:
[global]
workgroup = XXX
realm = CORP.XXXXXX.COM
server string = ONMS-Samba
security = ADS
auth methods = winbind
password server = XXXad6
username map = /etc/samba/smbusers
log level = 10
syslog = 0
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
printcap name = CUPS
disable spoolss = Yes
show add printer wizard = No
add user script = /usr/sbin/adduser -g winusers %U
preferred master = No
dns proxy = No
ldap ssl = no
idmap uid = 15000-35000
idmap gid = 15000-35000
template homedir = /home/win/%D/%U
template shell = /bin/bash
winbind use default domain = no
winbind nested groups = Yes
cups options = raw
[test]
comment = test Stuff
path = /usr/local/samba
valid users = @Unix.Samba
read only = No
#########################################################
winbindd log:
[2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596)
accepted socket 27
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn INTERFACE_VERSION
[2005/10/19 08:13:42, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(460)
[ 0]: request interface version
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2005/10/19 08:13:42, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(493)
[ 0]: request location of privileged pipe
[2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596)
accepted socket 34
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn DOMAIN_INFO
[2005/10/19 08:13:42, 3] nsswitch/winbindd_misc.c:winbindd_domain_info(355)
[ 0]: domain_info [CORP.ACSALASKA.COM]
[2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596)
accepted socket 27
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn INTERFACE_VERSION
[2005/10/19 08:13:42, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(460)
[ 0]: request interface version
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2005/10/19 08:13:42, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(493)
[ 0]: request location of privileged pipe
[2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596)
accepted socket 35
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn GETPWNAM
[2005/10/19 08:13:42, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336)
[ 0]: getpwnam acs\acsxpeit$
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(144)
idmap_sid_to_uid: sid = [S-1-5-21-335968984-468744214-619646970-18705]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-18705 of type 0x1
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243)
internal_get_id_from_sid: ID_USERID fetching record S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record UID 17095 -> S-1-5-21-335968984-468744214-619646970-18705
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(151)
idmap_sid_to_uid: uid = [17095]
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173)
sid_to_gid: sid = [S-1-5-21-335968984-468744214-619646970-515]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-515 of type 0x2
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record GID 15035 -> S-1-5-21-335968984-468744214-619646970-515
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181)
idmap_sid_to_gid: gid = [15035]
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn GETGROUPS
[2005/10/19 08:13:42, 3] nsswitch/winbindd_group.c:winbindd_getgroups(925)
[ 0]: getgroups ACS\acsxpeit$
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1555)
Retrieving extra data length=44
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_store_request_data(1586)
Storing request key lJbeM7.muEkc6j1e
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] nsswitch/winbindd_async.c:getsidaliases_recv(782)
getsidaliases return 0 SIDs
[2005/10/19 08:13:42, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1034)
Expanding our own local groups
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_store_request_data(1586)
Storing request key xIb0TsjuBWRMv_q-
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12293
[2005/10/19 08:13:42, 10] nsswitch/winbindd_async.c:getsidaliases_recv(782)
getsidaliases return 0 SIDs
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173)
sid_to_gid: sid = [S-1-5-21-335968984-468744214-619646970-515]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-515 of type 0x2
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record GID 15035 -> S-1-5-21-335968984-468744214-619646970-515
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181)
idmap_sid_to_gid: gid = [15035]
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn GID_TO_SID
[2005/10/19 08:13:42, 3] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(406)
[ 0]: gid to sid 15035
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_gid_to_sid(124)
idmap_gid_to_sid: gid = [15035]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_sid_from_id(283)
db_get_sid_from_id: id_type_in = 0x32
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record GID 15035 -> S-1-5-21-335968984-468744214-619646970-515
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-515 of type 0x2
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn GETPWNAM
[2005/10/19 08:13:42, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336)
[ 0]: getpwnam acs\acsxpeit$
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(144)
idmap_sid_to_uid: sid = [S-1-5-21-335968984-468744214-619646970-18705]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-18705 of type 0x1
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243)
internal_get_id_from_sid: ID_USERID fetching record S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record UID 17095
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record UID 17095 -> S-1-5-21-335968984-468744214-619646970-18705
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(151)
idmap_sid_to_uid: uid = [17095]
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173)
sid_to_gid: sid = [S-1-5-21-335968984-468744214-619646970-515]
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-515 of type 0x2
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-335968984-468744214-619646970-515 -> GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record GID 15035
[2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record GID 15035 -> S-1-5-21-335968984-468744214-619646970-515
[2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181)
idmap_sid_to_gid: gid = [15035]
[2005/10/19 08:13:43, 10] nsswitch/winbindd.c:process_request(325)
process_request: request fn GETPWNAM
[2005/10/19 08:13:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336)
[ 0]: getpwnam acs\zz.ccolht
[2005/10/19 08:13:43, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:43, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1533)
Retrieving response for pid 12260
[2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_uid(144)
idmap_sid_to_uid: sid = [S-1-5-21-335968984-468744214-619646970-25093]
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-25093 of type 0x1
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-25093 -> UID 15335
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243)
internal_get_id_from_sid: ID_USERID fetching record S-1-5-21-335968984-468744214-619646970-25093 -> UID 15335
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record UID 15335
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record UID 15335 -> S-1-5-21-335968984-468744214-619646970-25093
[2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_uid(151)
idmap_sid_to_uid: uid = [15335]
[2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_gid(173)
sid_to_gid: sid = [S-1-5-21-335968984-468744214-619646970-513]
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:db_get_id_from_sid(315)
db_get_id_from_sid
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221)
internal_get_id_from_sid: fetching record S-1-5-21-335968984-468744214-619646970-513 of type 0x2
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228)
internal_get_id_from_sid: record S-1-5-21-335968984-468744214-619646970-513 -> GID 15000
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-335968984-468744214-619646970-513 -> GID 15000
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190)
internal_get_sid_from_id: fetching record GID 15000
[2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196)
internal_get_sid_from_id: fetching record GID 15000 -> S-1-5-21-335968984-468744214-619646970-513
[2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_gid(181)
idmap_sid_to_gid: gid = [15000]
#####################################################################
***********************************************************************************
This transmittal may contain confidential information intended solely for
the addressee. If you are not the intended recipient, you are hereby
notified that you have received this transmittal in error; any review,
dissemination, distribution or copying of this transmittal is strictly
prohibited. If you have received this communication in error, please notify
us immediately by reply or by telephone (collect at 907-564-1000) and ask to
speak with the message sender. In addition, please immediately delete this
message and all attachments. Thank you. ACS
More information about the samba
mailing list