[Samba] Please Help with Secondary Groups

MICHAEL BROWN MBROWN at mesainc.com
Fri Jan 9 21:42:32 GMT 2004


Thanks for your reply Craig.

Yes, getent DOES show the group and users correctly and yes, I have
tried switching the nsswitch.conf file to:

group: ldap files nis

but that does not work either.
What DOES work, I found this out a little while ago, is setting the
directory to the GID within LDAP like:
chown :5011 /home/test
5011 is the name of the group with the number of users above 60 or 70. 
Samba will authenticate correctly like this.
Any group with the total user count below that number, (60 or 70), will
allow me to use the actual name of the group but
if you go above that number in the secondary groups, it does not
recognize the name on ANY Redhat machine that I have in production.
As I stated earlier, I have no problem on Mandrake 8.2


>>> Craig White <craigwhite at azapple.com> Friday, January 09, 2004 >>>
On Fri, 2004-01-09 at 12:27, MICHAEL BROWN wrote:
> System:
> I am running RedHat 8.0 (2.4.18-14smp) with SAMBA 2.7 and user
> authentication against OpenLDAP 2.1.22.
> 
> Problem:
> On RedHat, Put over (I think 70 or so) users within a secondary
group. 
> Got to Konqueror or Nautilus and try to change
> a directory's permissions to that group with over 70 or so users in
it,
> (it may be 80 or 90 users), YOU CAN NOT assign that
> group to have ownership of that directory or any directory.  It will
> revert back to what the ownership was before.  You CAN NOT
> assign the group rights with a chmod either.  
> 
> MANDRAKE 8.2 WILL ALLOW THIS, HOWEVER!
> 
> DOES ANYONE know what I may be missing on Redhat?  This is killing
me!
----
This isn't a Red Hat problem - I do this all the time. This is a
configuration problem.

getent group #does it list the groups in /etc/group first and then
             #the groups in LDAP?

chmod problems? are you trying to change the mount? The mount is owned
by whomever made the mount

just to show you that it works on samba...
[root at linserv1 samba]# mkdir test
[root at linserv1 samba]# chown "Craig White"."Domain Users" test
[root at linserv1 samba]# ls -l
total 14
<data snipped for clarity>
drwxr-xr-x    2 Craig White Domain Users     4096 Jan  9 14:13 test
[root at linserv1 samba]# grep "Craig White" /etc/passwd
[root at linserv1 samba]# grep "Domain Users" /etc/group
[root at linserv1 samba]# getent passwd|grep "Craig White"
Craig White:x:1003:1008:System User:/home/users/Craig White:/bin/false
[root at linserv1 samba]# getent group|grep "Domain Users"
Domain
Users:x:1008:root,artstation,Administrator,catchalladv,catchallpr,nkelley,kb
enedetto,cmullen,cnassa,dgibson,dmitchell,efigg,equijada,jconcors,jgrammond,
jwhittle,khageman,lhjerpstedt,lschnebly,mlalone,mmotta,msmith,msparks,mwilli
 ams,pshannon,rcrisman,spainter,scooperman,sstrauss,test,dwaddle

check your /etc/nsswitch.conf

Craig



More information about the samba mailing list