[Samba] winbind + nested groups in ssh = permission denied

Barry Smoke bsmoke at lapo.state.ar.us
Thu Jan 19 15:52:27 GMT 2006

Samba 3.0.21a, winbind setup to auth for ssh sessions.

Active Directory (windows 2003 server)


I have a group (workpaper admins)

which has 4 other groups as members of the group.


I have a file under the filesystem (/data/workpapers)

that has the permissions rwxrwx--- root.workpaper admins


so that anyone that is a member of one of the 4 groups should be able to
create new files in the /data/workpapers directory.


Getent group shows members of all groups, except the workpaper admins


workpaper admins:x:15007:


is that because it is a nested group?



Now the strange thing is, some members of the 4 groups can create new
files in that folder, and some get permission denied.

I can't find a pattern.


Can someone recommend a log to watch, or a smb.conf setting for winbind
that will make it log more, 


Any help appreciated in figuring this one out.


Barry Smoke

Network Administrator

AR Division of Legislative Audit


More information about the samba mailing list