[Samba] Re: Unix groups not being recognised

Peter Glassenbury (CSSE) P.Glassenbury at cosc.canterbury.ac.nz
Wed Oct 15 20:48:41 GMT 2008 

I got no answers other than a "metoo" for this...so
maybe it IS a tricky problem and not just a config error...
Can someone give any pointers on how to debug further...
I am rather stuck on what to do next.
Thanks
Pete

Re: [Samba] samba v2 works, v3 does not - Unix groups
> Shifting from a v2 samba server to v3 - Read documentation
> and googled LOTS  but can't seem to find the bits that apply
> to my simple(?) server  with regards to groups.
> 
> # rpm -qi samba
> Version     : 3.0.28          Vendor: Red Hat, Inc.
> Release     : 1.el5_2.1       Source RPM: samba-3.0.28-1.el5_2.1.src.rpm
> 
> Samba on server (Red Hat Enterprise Linux 5.2) IS MOSTLY WORKING...
> home directories authenticating correctly to Active Directory,
> then supplying Unix disk to windows clients.
> Mounting correctly. read write OK
> testparm works fine..no errors
> 
> THE PROBLEM :
> ===========
> Other samba shares (eg www) mount, and are browsable and
> read and writeable IN PART...
> they don't take note of the secondary Unix group permissions
> By this I mean user "fred" in the ldap password entry has default
> group "staff" and the file mode permissions for staff do work.
> User "fred" is also in group "webadmin" in the ldap unix group.
> These do NOT work. If I change "fred" in ldap to be default
> group "webadmin", the group permissions for "webadmin" now work.
> (but staff do not :-( )
> 
> The following entry for www shows (in comments) the variations
> I have attempted. (before the testparm does its stuff).
> read/write list also been commented out. to try and rely only
> on Unix group but no improvement.
> 
> [www]
>         comment = WWW directory
>         path = /export/netfs/www
> ;       valid users = +staff
> ;       valid users = fred, john, mary
>         public = no
>         writable = yes
>         read list = +staff, +webadmin
>         write list = +staff, +webadmin
>         create mode = 0775
> #############################################
> ### The file.....with only other shares removed.
> # more /etc/samba/smb.conf
> [global]
>         workgroup = UOCNT
>         realm = CANTERBURY.AC.NZ
>         server string = CSSE Samba
>         security = ADS
>         log file = /var/log/samba/%m.log
>         max log size = 300
>         local master = No
>         wins server = eth0:IP_address, eth0:Alternate_IP_Address
>         hosts allow = 127., 132.181., 10.
> 
> [homes]
>         comment = Home Directories
>         read only = No
>         create mask = 0700
>         directory mask = 0750
> 
> [www]
>         comment = WWW directory
>         path = /export/netfs/www
>         read list = +staff, +webadmin
>         write list = +staff, +webadmin
>         read only = No
>         create mask = 0775
> =============================================
> 


-- 
-------------------------------------------------------------------
Peter Glassenbury			Computer Science department
pete at cosc.canterbury.ac.nz		University of Canterbury
+64 3 3642987 ext 7762			New Zealand

More information about the samba mailing list