[Samba] Change in group membership behavior?
john.nelson at teradyne.com
john.nelson at teradyne.com
Fri Oct 26 13:48:52 GMT 2007
Maybe this is old news, but we've just upgraded from Samba 3.0.7-1.3E.1 on
Redhat Linux 3 to 3.0.10-1.4E.11 on Redhat Linux 4, and we're seeing a
significant change in behavior that has broken our environment.
We use "security=domain". With the earlier version of Samba, we were
relying on the fact that Samba would get the list of groups from the
mapped unix account (after authenticating a domain user). Now, it seems
to be trying to map the Windows domain account groups (and in particular,
the primary group).
For example, users who have a primary group of "Domain Users" are now
failing to create new files (with the group "OURDOMAIN\Domain Users"),
when before, they could create files owned by the unix account's primary
group. We don't support a unix group "Domain Users", and this isn't the
group owner of the directory we are trying to modify.
Is this a known change in Samba behavior? Is there any way to revert to
the old behavior (use the unix account's groups)?
- john nelson
More information about the samba
mailing list