[Samba] New 3.0.21b-1 Samba does not respect system "Groups"

Robert Schetterer robert at schetterer.org
Mon Feb 13 12:47:15 GMT 2006 

Hi, at default smb does not honor linux groups,
use ldap , map your systemgroup via the net command to a smb group
read the smb faqs to this
Regards

Siju George schrieb:
> Hi all,
> 
> I am running
> 
> ii  samba          3.0.21b-1      a LanManager-like file and printer server fo
> ii  samba-common   3.0.21b-1      Samba common files used by both the server a
> 
> on Debian 3.1 (Sarge) Linux  2.6.8-2-386 #1 Thu May 19 17:40:50 JST
> 2005 i686 GNU/Linux
> 
> I have noticed that the Samba software does not recognize newly
> created "groups" with the groupadd commands. I'll demonstrate the
> following.
> 
> I am running the Samba Server with
> 
> security = user
> 
> I have a share defined like this
> 
> [grtest]
>         comment = Intersight Website
>         path = /var/www/grtest
>         read only = no
>         read list = @phpprogrammers
>         valid users = @grtest
>         force group = grtest
>         force create mode = 0775
>         force directory mode = 0775
> 
> The Unix permissions for this folder is
> 
> # ls -l /var/www |grep grtest
> drwxrwxr-x   2 root grtest            48 2006-02-13 14:27 grtest
> 
> The members of the group "grtest" are
> 
> # cat /etc/group |grep grtest
> grtest:x:1029:administrator
> 
> The group was created using the "groupadd" command.
> 
> Now the Samba user "administrator" has the same password as the user
> "administrator" on the Windows 2003 Small business server I am
> sitting.
> 
> When I try to access the [grtest] share from the Win2k3 SBS I am asked
> for a user name and password for which I enter
> 
> sambaworkgroup\administrator
> 
> and password
> 
> But I am not able to connect.
> 
> But if I just change the Share description to have valid users set to
> any group that was created earlier I can access the share with no
> problems. I'll demonstrate it again
> 
> The group
> 
> # cat /etc/group |grep maverick
> maverick:x:1004:administrator,mvarghese
> 
> was create long back.
> And If I put that group in the valid users list as shown below
> 
> [grtest]
>         comment = Intersight Website
>         path = /var/www/grtest
>         read only = no
>         read list = @phpprogrammers
>         valid users = @maverick
>         force group = grtest
>         force create mode = 0775
>         force directory mode = 0775
> 
> and restart the Samba Server, I can go to the Win2k3 SBS and click on
> the share and I can access the share without giving a user name and
> password. ( Password for "administrator" is same on both Systems)
> 
> I found that this problem is only for Groups created recently and not
> for groups created earlier.
> 
> I find it really puzzling :-(
> 
> Could Someone please explain what could have gone wrong?
> 
> Thankyou so much
> 
> Kind Regards
> 
> Siju

-- 
Mit freundlichen Gruessen
Best Regards
Robert Schetterer

robert_at_schetterer_dot_org
Munich / Bavaria / Germany
https://www.schetterer.org

More information about the samba mailing list