[Samba] winbind and w2k groups

[Grégory BENOIST]

Hello,

I'm using samba 2.2.7a w/ redhat 8.0, and a w2k server as a DC (french language version). I've configured samba to be a member of the mixed-mode w2k domain, and I authenticate my users from the w2k DC with winbind/pam. I can wbinfo -u/-g/-t/-p without any problems and getent passwd/group give me the correct output.
This setup is almost working as i expect it to.

But...
All my w2k domain users are in the primary group "DOMAIN\Utilisa. du domaine" ("DOMAIN\Domain Users" in the US version of w2k) wich winbind maps to GID 10000.

When i try to ssh into my redhat server using a "DOMAIN+user" account, i got the following message: 'id: cannot find name for group ID 10000', but i can still login.
If i change my primary group to something different, no message.

When i try to chgrp a directory to the domain group name "DOMAIN+Utilisa. Du domaine", i got the following error:
$ chgrp "DOMAINE+Utilisa. du domaine" Directory1
chgrp: invalid group name `DOMAIN+Uilisa. du domaine'

If i try to chgrp the directory to the domain group GID (10000), it gets accepted, but makes ls -al output to show GIDs instead of group names for _every_ directories, _except_ for the ones with group names containing accents (I got "character set = ISO8859-15" and "client code page = 850" in my smb.conf).

If i chgrp the directory to another group name and then ls -al, i see the group names again.

If i add a "DOMAIN+Utilisa. Du domaine:x:10000:" entry to my /etc/group, and then ls -al, i see the group names too and i can also directly chgrp using the name "DOMAIN+Utilisa. Du domaine", but i'm sure that is a good solution.

I suspect the "." in group names to be the source of my problems... But that are pure speculations.

Any ideas?

-- 
CCI74 - T.I.C / systèmes et réseaux
Grégory Benoist <mailto:gb at haute-savoie.cci.fr>