[Samba] 'username = @group' not working correctly

Rene Fleschenberg rene at korteklippe.de
Mon Sep 4 11:25:28 GMT 2006


I am running a Samba file server (Version 3.0.22) with 'security =
share'. Here is one of my share definitions:

        path = /var/smb/archive
        writeable = Yes
        username = @staff
        valid users = @staff

First question: In the manpage for smb.conf, it is mentioned that
'+group' expands to the Unix group named 'group'. But that does not work
for me. Using the '@group' syntax works. Is this an error in the

However, my actual problem is this:

I need the 'username = @group' mechanism because some of my clients do
not supply a correct username. The problem is that it does not seem to
work for most user accounts. It does work for exactly two users.

After experimenting and looking at the debug logs, I concluded that
Samba only checks the supplied password against the first two users who
are listed as members of the group 'staff' in /etc/group. After checking
the second user, it aborts. These first two users can connect to the
service fine, but all others can not.

If the relevant line in /etc/group looks like this:


Then foo and bar can connect, baz can not. If I swap bar and baz in
/etc/group, then baz can connect and bar can not.

Is this a known problem? How do I fix this?

OpenPGP key id: 0x63B1F5DB
JID: rene.fleschenberg at jabber.ccc.de

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba/attachments/20060904/11b4d894/signature.bin

More information about the samba mailing list