Problem related to ID_TYPE_BOTH -Need suggestion

Stefan (metze) Metzmacher metze at
Thu Jul 18 06:22:32 MDT 2013

Hi Abhidnya,

> With this change, where user is getting set as group, file access through 
> Samba works fine. But If we want to export same share with NFS then it 
> gives access denied for user testuser1 (This I tried on GPFS). This is 
> because while evaluating access, GPFS gets no ACE with user testuser1 and 
> its neither part of group testuser1 (as it was set by Samba). Also when I 
> try to access file locally on GPFS as testuser1, it gets access denied. 
> The ACLs on file in GPFS look like
> group:VIRTUAL1\administrator:rwxc:allow
> group:VIRTUAL1\testuser1:rwxc:allow
> Thus I think ID_TYPE_BOTH support + sid_to_gid() call first will cause 
> problem with multi protocol environment.

I guess we need to fix pam_winbind or nss_winbind, so that the user gets
the correct
unix token also on the command line or via nss.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list