[Samba] Groups not recognized

Paul Gienger pgienger at ae-solutions.com
Thu Aug 19 21:35:46 GMT 2004 

> I've got an issue with a fresh (and I mean really fresh) 3.0.5 + ldap 
> server where doesn't seem to recognize unix group membership.  The 
> server was 2.2.8a last night and things were working.  The unix side 
> works flawlessly, in other words if I log in as myself I can get where 
> I need to, but under samba I get nothing.  Here's some supporting info:

Ok, apparently this is a solaris-vs.-LDAP issue.  I've tested with a 
machine running Solaris 9 12/02 (that I could reboot) and with anything 
higher than 112960-03 you can't see supplimentary groups, but with -03 
you can do everything like you want to, although the id command never 
shows all the groups, but I think that's a solaris-ism.

Here's the rub, I've got a Solaris 9 8/03 box that has to be upgraded, 
but that version is post 112960-03. Does anybody know of a way around 
this??? I'm not completely averse to ripping out sun's nss library, but 
that's a little more work than this cat likes to do.

>
> my group membership information:
> [fgoserv:bin]# groups pgienger
> itserv applied itadmin office projects
>
> permissions on the directory:
> [fgoserv:itserv]# ls -alF
> total 8
> drwxrws---   4 speterso itserv       512 Mar  3 09:03 ./
> drwxr-xr-x   8 root     root         512 Jun 25 08:10 ../
> drwxrws---   5 speterso projects     512 Jun 22 09:34 projects/
> drwxrwsr-t   7 root     itserv       512 Aug  3 16:47 shared/
>
> So from that I can access projects and subdirectories with uid 
> pgienger on unix.  On samba 3, not so much.  This did work under 
> 2.2.8a last night.  My question then is 'is there anything else I 
> should need to do to get the groups to recognize?'  This is one 
> example, there are many more people/groups/directories that show this 
> behavior as well.
>
> I'm pretty sure I've seen this posting before on the list but I 
> couldn't find any resolutions... so if somebody solved it - shame on 
> you for not sharing :-P
>
> Thanks
>

-- 
Paul Gienger                     Office: 701-281-1884
Applied Engineering Inc.         
Information Systems Consultant   Fax:    701-281-1322
URL: www.ae-solutions.com        mailto: pgienger at ae-solutions.com

More information about the samba mailing list