[Samba] samba v2 works, v3 does not - Unix groups

Peter Glassenbury (CSSE) P.Glassenbury at cosc.canterbury.ac.nz
Thu Oct 9 21:08:06 GMT 2008 

Shifting from a v2 samba server to v3 - Read documentation
and googled LOTS  but can't seem to find the bits that apply
to my simple(?) server  with regards to groups.

# rpm -qi samba
Version     : 3.0.28          Vendor: Red Hat, Inc.
Release     : 1.el5_2.1       Source RPM: samba-3.0.28-1.el5_2.1.src.rpm

Samba on server (Red Hat Enterprise Linux 5.2) IS MOSTLY WORKING...
home directories authenticating correctly to Active Directory,
then supplying Unix disk to windows clients.
Mounting correctly. read write OK
testparm works fine..no errors

THE PROBLEM :
===========
Other samba shares (eg www) mount, and are browsable and
read and writeable IN PART...
they don't take note of the secondary Unix group permissions
By this I mean user "fred" in the ldap password entry has default
group "staff" and the file mode permissions for staff do work.
User "fred" is also in group "webadmin" in the ldap unix group.
These do NOT work. If I change "fred" in ldap to be default
group "webadmin", the group permissions for "webadmin" now work.
(but staff do not :-( )

The following entry for www shows (in comments) the variations
I have attempted. (before the testparm does its stuff).
read/write list also been commented out. to try and rely only
on Unix group but no improvement.

[www]
         comment = WWW directory
         path = /export/netfs/www
;       valid users = +staff
;       valid users = fred, john, mary
         public = no
         writable = yes
         read list = +staff, +webadmin
         write list = +staff, +webadmin
         create mode = 0775
#############################################
### The file.....with only other shares removed.
# more /etc/samba/smb.conf
[global]
         workgroup = UOCNT
         realm = CANTERBURY.AC.NZ
         server string = CSSE Samba
         security = ADS
         log file = /var/log/samba/%m.log
         max log size = 300
         local master = No
         wins server = eth0:IP_address, eth0:Alternate_IP_Address
         hosts allow = 127., 132.181., 10.

[homes]
         comment = Home Directories
         read only = No
         create mask = 0700
         directory mask = 0750

[www]
         comment = WWW directory
         path = /export/netfs/www
         read list = +staff, +webadmin
         write list = +staff, +webadmin
         read only = No
         create mask = 0775
=============================================

-- 
-------------------------------------------------------------------
Peter Glassenbury			Computer Science department
pete at cosc.canterbury.ac.nz		University of Canterbury
+64 3 3642987 ext 7762			New Zealand

More information about the samba mailing list