[Samba] Samba 3.0.13 security=ADS / Problem to connect to a share in auth_util.c ==> change of group is not applied

Guy Le Gac guy.legac at ch-stbrieuc.fr
Thu Mar 31 10:07:28 GMT 2005


My SAMBA v3.0.13 (over a linux Redhat 7.3.1 With kernel 2.4.27-4) is 
configured with " security = ADS " to communicate with Active directory 
(2003 server).

the only problem : When i modify the group of a user in the Active directory, this modification is not completely applied to SAMBA...
The orders "getent" and "wbinfo" gives good results but
the user cannot reach a share to which its group is allowed.

a sample => on Active directory (Domain name: GCA_CH22) : user=test, Primary group : "Domain's users", supplementary group : "office"

On samba server:
[root at nas02 log]# id GCA_CH22+test
uid=20037(GCA_CH22+test) gid=20014(GCA_CH22+Domain's users) 
groups=20014(GCA_CH22+Domain's users,20012(GCA_CH22+office)

Samba Trace with loglevel = 5:
 UNIX token of user 20037
 Primary group is 20014 and contains 2 supplementary groups
 Group[  0]: 20014
 Group[  1]: 20050   ===> !!! OLD GROUP.I don't see 20012 group "office"

installed packages : Kerberos, openldap-2.0.23-4, libacl 2.2.7


Thank you

Guy Le Gac

More information about the samba mailing list