[Samba] 3.0.11 groupmapping 'feature'
Theron Toomey
ttoomey at duke.edu
Mon Mar 7 18:11:21 GMT 2005
Hello,
After upgrading our samba DC from 3.0.10 to 3.0.11, we have been
experiencing problems with groupmapping. In 3.0.10, we had to explicitly
map our Unix groups (local or NIS) to NT groups with a 'net groupmap
add' command.
However, in 3.0.11, all our Unix groups are mapped automagically.
Although they do not show up with a 'net groupmap list' on the DC, our
clients can see them: 'net user myusername /domain' shows all the Unix
groups on the DC.
Looking more closely at the release notes, this might be the relevant
change:
o Volker Lendecke
<snip>
* Unify the means of localtaing a user's global groups on a
Samba DC.
This is a major problem for us. Since windows applies the most
restrictive permission set, files that are not group writable suddenly
become read-only, even if the owner has write access. This is because
the owner of a file is also a member of the file's group.
This was never a problem for us prior 3.0.10 since most of our groups
were not in the groupmap. If possible, I'd love to go back to the
pre-3.0.11 behavior for groupmapping, rather than change the permissions
on all our data.
I have looked through docs/man pages and can't find a way to change
this. Anyone have an idea?
Thanks for your help.
--
Theron Toomey, System Administrator
NSEES-IT (919-613-8148)
More information about the samba
mailing list