[Samba] Problem with 3.0.23 upgrade from 3.0.22 with rfc2307 patch
dlmeyer at uiuc.edu
Tue Jul 18 15:48:53 GMT 2006
Well, I didn't see the last bit you describe, but I don't run RFC2307
(yet). We we bit by very similar behavior when moving from 3.0.22 to
the 3.0.23 RC's. Turns out that the use-default-domain option is not
being universally applied to groups in 3.0.23. As soon as I changed
my "valid users = +group" statements to the format "= +domain\group",
then this problem was fixed for us. Maybe it will do the trick for you...
At 07:41 AM 7/18/2006, Howard Wilkinson wrote:
>I have managed to isolate where the problem is, now I need to work
>out what the problem is?
>I have a group
>in which I am a member - howard.
>I have a
>valid users = +cohtech
>entry in smb.conf for the share I am trying to connect to, I get the
>following reported in the machine.log file -
>zebra.log: string_to_sid: Sid +cohtech does not start with 'S-'.
>and the users get rejected. If I declare the user directly then
>access is allowed.
>This server gets its group database from the AD controllers via RFC2307.
>Anybody know why group expansion may be broken in 3.0.23?
Don Meyer <dlmeyer at uiuc.edu>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
deserve neither liberty or safety." -- Benjamin Franklin, 1759
More information about the samba