[Samba] Problem with 3.0.23 upgrade from 3.0.22 with rfc2307 patch

Howard Wilkinson howard at cohtech.com
Tue Jul 18 12:41:37 GMT 2006

I have managed to isolate where the problem is, now I need to work out 
what the problem is?

I have a group


in which I am a member - howard.

I have a

valid users = +cohtech

entry in smb.conf for the share I am trying to connect to, I get the 
following reported in the machine.log file -

zebra.log:  string_to_sid: Sid +cohtech does not start with 'S-'.

and the users get rejected. If I declare the user directly then access 
is allowed.

This server gets its group database from the AD controllers via RFC2307.

Anybody know why group expansion may be broken in 3.0.23?

Howard Wilkinson wrote:

> No I already had this turned on!
> Gautier, B (Bob) wrote:
>>> -----Original Message-----
>>> From: samba-bounces+bob.gautier=rabobank.com at lists.samba.org 
>>> [mailto:samba-bounces+bob.gautier=rabobank.com at lists.samba.org
>> ] On Behalf Of Howard Wilkinson
>>> Sent: 18 July 2006 11:50
>>> To: samba at lists.samba.org
>>> Subject: [Samba] Problem with 3.0.23 upgrade from 3.0.22 with 
>>> rfc2307 patch
>>> I have upgraded one of my servers from a 3.0.22 implementation using 
>>> the
>>> rfc2307 patch I supplied some months ago to the 3.0.23 release. I am 
>>> now getting some unexplaned failures and would like some pointers as 
>>> to where to start looking.
>> The rfc2307 schema compatibility in the 'official' 3.0.23 version has to
>> be turned on in smb.conf with
>>     winbind nss info = rfc2307
>> -- that might be something your older code did automatically.
>> Bob G
>> _____________________________________________________________
>> This email (including any attachments to it) is confidential, legally 
>> privileged, subject to copyright and is sent for the personal 
>> attention of the intended recipient only. If you have received this 
>> email in error, please advise us immediately and delete it. You are 
>> notified that disclosing, copying, distributing or taking any action 
>> in reliance on the contents of this information is strictly 
>> prohibited. Although we have taken reasonable precautions to ensure 
>> no viruses are present in this email, we cannot accept responsibility 
>> for any loss or damage arising from the viruses in this email or 
>> attachments. We exclude any liability for the content of this email, 
>> or for the consequences of any actions taken on the basis of the 
>> information provided in this email or its attachments, unless that 
>> information is subsequently confirmed in writing. If this email 
>> contains an offer, that should be considered as an invitation to treat.
>> _____________________________________________________________


Howard Wilkinson





Coherent Technology Limited





23 Northampton Square,





London, United Kingdom, EC1V 0HL




howard at cohtech.com


More information about the samba mailing list