[Samba] LDAP Group Mapping Problem w/ Samba 2.2.5
Philip Poten
philip.poten at bluebull.com
Tue Sep 24 17:58:00 GMT 2002
Hi there.
I have set up a Samba 2.2.5 Server with LDAP support. I don't wont local
system users, so i also set up PAM authentication against ldap. This
works fine, Machine Trusts and Users are not needed to be local (in
/etc/passwd or /etc/group). The same with Groups. Now here is my Problem.
Example:
Assume two users, alice and bob, and two groups, alice-group and
bob-group which are all represented in ldap.
alice has primary group alice-group
bob has bob-group
bob has no secondary group membership
alice is group member in bob-group
Assume two directories, like:
drwxr-x--- 2 alice alice-group 4096 Sep 24 07:43 alice-dir
drwxr-x--- 2 bob bob-group 4096 Sep 24 07:43 bob-dir
Remember, both, users and groups only exist in ldap, not in /etc/passwd
or /etc/group.
When alice logs in on the linux box, everything works as it should, that
means, alice can cd into alice-dir as well into bob-dir. bob can only cd
into bob-dir.
When alice tries to access these files over a smb share (the same user,
the same files!), she can only cd into alice-dir, not into bob-dir -
That means, groups and users are well recognized by samba (and, of
course, by the system itself) but the group-membership mapping only
works in the shell, not with samba.
Can anybody give me a hint what this problem is about? Or how i can fix
it? Or at least, who i can ask? Is this a bug or did i forget something?
Thank you all in advance,
kind regards,
Philip Poten
More information about the samba
mailing list