[Samba] Problem with 3.0.23 upgrade from 3.0.22 with rfc2307 patch

Howard Wilkinson howard at cohtech.com
Tue Jul 18 17:03:11 GMT 2006


you are a genius, this fixed it! Anybody know why?


Don Meyer wrote:

> Well, I didn't see the last bit you describe, but I don't run RFC2307 
> (yet).  We we bit by very similar behavior when moving from 3.0.22 to 
> the 3.0.23 RC's.  Turns out that the use-default-domain option is not 
> being universally applied to groups in 3.0.23.   As soon as I changed 
> my "valid users = +group" statements to the format "= +domain\group", 
> then this problem was fixed for us.   Maybe it will do the trick for 
> you...
> Cheers,
> -D
> At 07:41 AM 7/18/2006, Howard Wilkinson wrote:
>> I have managed to isolate where the problem is, now I need to work 
>> out what the problem is?
>> I have a group
>> cohtech:*:16777225:lesley,howard,ecbull
>> in which I am a member - howard.
>> I have a
>> valid users = +cohtech
>> entry in smb.conf for the share I am trying to connect to, I get the 
>> following reported in the machine.log file -
>> zebra.log:  string_to_sid: Sid +cohtech does not start with 'S-'.
>> and the users get rejected. If I declare the user directly then 
>> access is allowed.
>> This server gets its group database from the AD controllers via RFC2307.
>> Anybody know why group expansion may be broken in 3.0.23?
> Don Meyer                                           <dlmeyer at uiuc.edu>
> Network Manager, ACES Academic Computing Facility
> Technical System Manager, ACES TeleNet System
> UIUC College of ACES, Information Technology and Communication Services
>   "They that can give up essential liberty to obtain a little 
> temporary safety,
>         deserve neither liberty or safety."     -- Benjamin Franklin, 
> 1759


Howard Wilkinson





Coherent Technology Limited





23 Northampton Square,





London, United Kingdom, EC1V 0HL




howard at cohtech.com


More information about the samba mailing list