[Samba] Wrong groups with 'wbinfo -r user' but right groups
with'id user'
Peter Trifonov
petert at dcn.infos.ru
Fri Oct 27 07:06:26 GMT 2006
Hi,
> The first command shows a total of 30 GIDs, some of which are
> correct and some are not. The second command shows 14
> groups, all of which seem to be correct (except that using
> version 3.0.23c from the backports, I get a spurious GID
> which does not have a group name, but this might be a side issue).
>
> Another test I ran was the command id (without arguments)
> after "su - 'DOMAIN\test_user'". This also shows 30 groups,
> as with the first command.
>
> It seems to me that my problem might not be really similar to the
> problem(s) described in those 2 messages:
> http://lists.samba.org/archive/samba/2006-September/125643.html
> http://lists.samba.org/archive/samba/2006-October/126101.html
>
> Indeed, in those messages, there is only one group listed by
> the second command. I also have this kind of result with a
> certain smb.conf configuration (I think it is the case when I
> comment out the variable "winbind enum groups").
I have just tried enabling "winbind enum groups" (WEG) and got exactly the
same behaviour as you have described.
Namely:
1. wbinfo -r shows spurious GID (both with WEG=yes and WEG=no)
2. id shows all groups with WEG=yes and only "Domain Users" with WEG=no
3. If WEG=yes, the user can access a directory of his group, but with WEG=no
this is not possible.
I did not see incorrect group membership, but this is probably because there
are not so many groups in my setup.
I have 2 domain controllers in my network, one Win2K and one W2003.
netstat shows that ldap and microsoft-ds sessions are established with W2003
server.
With best regards,
P. Trifonov
More information about the samba
mailing list