[Samba] Problem with LDAP groups and associated file permissions

Michael Coburn mcoburn at jupiterimages.com
Thu Dec 14 16:01:01 GMT 2006

Have you confirmed that those group memberships have been truly revoked 
in LDAP?  Does OpenLDAP need to be reloaded/restarted?  Is the client 
actually contacting LDAP after you logged them out to find out it's new 
group memberships?
Michael Coburn

Manuel Graumann wrote:
> Hi folks!
> Our smb with LDAP PDC now seems to be nearly completed. Just now we found
> out something very mysterious. We organized some directorys to be used by
> specific domain groups. If we put a user into a group the user is allowed to
> access the associated share. So far this works pretty nice.
> If we remove the user from the domain group the user seems to keep all his
> rights he got from his group membership we removed - even after loggin off
> and on again and restarting smb and nmb. This seems to me a very strange
> behaviour. Any ideas where we have to look?
> Client OS: XP Pro SP 2
> Server: openSuse 10.1 64 bit, Samba 3.0.22-13.18, openldap2 2.3.19-18.10,
> smbldap-tools 0.9.1-11
> Any hint would be nice.
> Regards
> Manuel
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list