[Samba] ACL group permissions only work on primary group (Rick
Segeberg)
Wolfgang Büch
buech at uni-hamburg.de
Tue Apr 15 07:32:43 GMT 2003
We faced the same Problem Samba not recognizing secondary groups of an
individual user. The reason is the handling of small an capital letters of
the user uid between samba and ldap.
Ldap for example has the following person and group:
uid=Thomas,dc=...,dc=...,dc=de
cn=group1,ou=groups,dc=...,dc=...,dc=de
Group1 has the attribute "memberUid=Thomas"; this means "Thomas" is member
of "group1" ; he has a secondary Group Membership for "group1".
Normaly any share, which has the underlying unix permission for this
secondary group set to rwx, should grant the access permission to that
share for "Thomas". But it doesn't work.
Examing the syslog (ldap) we found, that samba is searching for
memberUid=thomas in small letter.
If you change
"uid=Thomas,dc=...,dc=...,dc=de"
to
"uid=thomas,dc=...,dc=...,dc=de"
It should work!
Wolfgang
Wolfgang Büch
Unix - und Windows Systemadministration
Universität Hamburg
Regionales Rechenzentrum
Gruppe Virtuelle Campus Bibliothek - VCB
Schlüterstrasse 70
D-20146 Hamburg
Tel.: (+40) 42838-3094
Random Thought:
--------------
More information about the samba
mailing list