[Samba] 3.0.20 -> 3.0.23 SID/group error?? Won't connect.
Lamar.Saxon at americredit.com
Lamar.Saxon at americredit.com
Fri Aug 11 13:38:41 GMT 2006
I had the same problem on AIX with Samba 3.0.23b upgrading Samba
3.0.23a. The solution I found was to change all "valid users" to
"users". The documents still say "valid users" is acceptable; but it
would not work once I went to 3.0.23b.
Lamar
-----Original Message-----
From: Franz Sirl [mailto:Franz.Sirl-kernel at lauterbach.com]
Sent: Friday, August 11, 2006 4:20 AM
To: Gerald (Jerry) Carter
Cc: samba
Subject: Re: [Samba] 3.0.20 -> 3.0.23 SID/group error?? Won't connect.
At 00:44 11.08.2006, Gerald (Jerry) Carter wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>david,
>
> > HELP! On mandriva, I compiled samba from source
> > and got it running, but I cannot connect from windows.
> > (see my post from earlier "[Samba] Compiling and
> > Configuring Samba for Mandrival")
>
> > david at rankin-xp:~> smbclient //bonza/office
> > Password:
> > Domain=[RB_LAW] OS=[Unix] Server=[Samba 3.0.23b]
> > tree connect failed: NT_STATUS_ACCESS_DENIED
>...
> > I have attached a level 10 debug if that will help.
> > This is a standalone server.
>
>Attachments get stripped from the list. I need
>your smb.conf, a level 10 debug log from smbd,
>and output from the following tow commands
>
>* pdbedit -L -w | cut -d: -f1
>* net groupmap list | cut -d\( -f1
Hi,
I have the same problem with a simple security = user, non-LDAP,
non-windbindd etc. setup. I can workaround this for
gid=100/groupname=users with:
valid users = S-1-5-21-1540046517-542637695-1028676802-1201
My net getlocalsid:
SID for domain HOSTNAME is: S-1-5-21-1540046517-542637695-1028676802
These didn't work:
valid users = +users
valid users = +HOSTNAME\users
valid users = +BUILTIN\users
valid users = +"Unix Group\users"
valid users = S-1-22-2-100
This seems also to be related on which versions of samba were working
before on a machine (seems to depend on the contents of the .tdb),
but so far I could always reproduce it when I delete most of the
.tdb's except printer related and secrets.tdb.
Maybe some "net groupmap" statements are now necessary for simple
setups as well?
bye,
Franz.
Privileged and Confidential. This e-mail, and any attachments there to, is intended only for use by the addressee(s) named herein and may contain privileged or confidential information. If you have received this e-mail in error, please notify me immediately by a return e-mail and delete this e-mail. You are hereby notified that any dissemination, distribution or copying of this e-mail and/or any attachments thereto, is strictly prohibited.
More information about the samba
mailing list