[Samba] Problem with 3.0.23 upgrade from 3.0.22 with rfc2307 patch

Howard Wilkinson howard at cohtech.com
Tue Jul 18 17:03:11 GMT 2006


Don,

you are a genius, this fixed it! Anybody know why?

Howard.

Don Meyer wrote:

> Well, I didn't see the last bit you describe, but I don't run RFC2307 
> (yet).  We we bit by very similar behavior when moving from 3.0.22 to 
> the 3.0.23 RC's.  Turns out that the use-default-domain option is not 
> being universally applied to groups in 3.0.23.   As soon as I changed 
> my "valid users = +group" statements to the format "= +domain\group", 
> then this problem was fixed for us.   Maybe it will do the trick for 
> you...
>
> Cheers,
> -D
>
>
> At 07:41 AM 7/18/2006, Howard Wilkinson wrote:
>
>> I have managed to isolate where the problem is, now I need to work 
>> out what the problem is?
>>
>> I have a group
>>
>> cohtech:*:16777225:lesley,howard,ecbull
>>
>> in which I am a member - howard.
>>
>> I have a
>>
>> valid users = +cohtech
>>
>> entry in smb.conf for the share I am trying to connect to, I get the 
>> following reported in the machine.log file -
>>
>> zebra.log:  string_to_sid: Sid +cohtech does not start with 'S-'.
>>
>> and the users get rejected. If I declare the user directly then 
>> access is allowed.
>>
>> This server gets its group database from the AD controllers via RFC2307.
>>
>> Anybody know why group expansion may be broken in 3.0.23?
>
>
> Don Meyer                                           <dlmeyer at uiuc.edu>
> Network Manager, ACES Academic Computing Facility
> Technical System Manager, ACES TeleNet System
> UIUC College of ACES, Information Technology and Communication Services
>
>   "They that can give up essential liberty to obtain a little 
> temporary safety,
>         deserve neither liberty or safety."     -- Benjamin Franklin, 
> 1759


-- 

Howard Wilkinson

	

Phone:

	

+44(20)76907075

Coherent Technology Limited

	

Fax:

	

 

23 Northampton Square,

	

Mobile:

	

+44(7980)639379

London, United Kingdom, EC1V 0HL

	

Email:

	

howard at cohtech.com

 



More information about the samba mailing list