[Samba] Problem with 3.0.23 upgrade from 3.0.22 with rfc2307
patch
Howard Wilkinson
howard at cohtech.com
Tue Jul 18 17:03:11 GMT 2006
Don,
you are a genius, this fixed it! Anybody know why?
Howard.
Don Meyer wrote:
> Well, I didn't see the last bit you describe, but I don't run RFC2307
> (yet). We we bit by very similar behavior when moving from 3.0.22 to
> the 3.0.23 RC's. Turns out that the use-default-domain option is not
> being universally applied to groups in 3.0.23. As soon as I changed
> my "valid users = +group" statements to the format "= +domain\group",
> then this problem was fixed for us. Maybe it will do the trick for
> you...
>
> Cheers,
> -D
>
>
> At 07:41 AM 7/18/2006, Howard Wilkinson wrote:
>
>> I have managed to isolate where the problem is, now I need to work
>> out what the problem is?
>>
>> I have a group
>>
>> cohtech:*:16777225:lesley,howard,ecbull
>>
>> in which I am a member - howard.
>>
>> I have a
>>
>> valid users = +cohtech
>>
>> entry in smb.conf for the share I am trying to connect to, I get the
>> following reported in the machine.log file -
>>
>> zebra.log: string_to_sid: Sid +cohtech does not start with 'S-'.
>>
>> and the users get rejected. If I declare the user directly then
>> access is allowed.
>>
>> This server gets its group database from the AD controllers via RFC2307.
>>
>> Anybody know why group expansion may be broken in 3.0.23?
>
>
> Don Meyer <dlmeyer at uiuc.edu>
> Network Manager, ACES Academic Computing Facility
> Technical System Manager, ACES TeleNet System
> UIUC College of ACES, Information Technology and Communication Services
>
> "They that can give up essential liberty to obtain a little
> temporary safety,
> deserve neither liberty or safety." -- Benjamin Franklin,
> 1759
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
London, United Kingdom, EC1V 0HL
Email:
howard at cohtech.com
More information about the samba
mailing list