[Samba] SAMBA Groups and Permissions

Michael Gasch gasch at eva.mpg.de
Thu Dec 4 09:21:36 GMT 2003


i have a user

~# id test_user
uid=500,gid=500 (users),groups (users,kids)

as you can see, this user is in primary group "users" and also member of 
group "kids"

if he tries to access /home/board via smb (Samba 3.0 + openldap) from a 
windows client (XP), he fails, because his

sambaPrimaryGroupSID maps to -> "users"

and /home/board is not accessible for group "users" - just for "kids"
if i add

valid users = @kids

to /home/board - share, access is granted

isn't it possible in samba, that the user "test_user" gets an attribute like

sambaSecondaryGroup in ldap ????

so that samba knows: "this user is in group users AND kids, so i have to 
try connections to share /home/board as group users AND kids" ???

if i login locally to the samba PDC with a console as "test_user", 
access to /home/board is granted, 'cause i'm member of "kids"

so there's no permission problem

please help me !!!


More information about the samba mailing list