[Samba] Samba not get updated list of user group membership
Tobias Hachmer
t.hachmer at s-v.de
Thu Jan 4 10:23:50 UTC 2024
Hello and a Happy New Year to all,
we have a Samba 3-Node CTDB Cluster running Standalone Samba with LDAP
Backend.
Samba Version: 99:4.18.9-9debian11
OS: Debian 11
Since a quite of time samba doesn't get the updated group list for a
user. We add a user to an existing LDAP Group to grant access to an
existing share. The passwd database gets updated via nslcd, but samba
doesn't show all groups. Here's an example:
Samba Log when the new user added to the group want to access the share:
---
Jan 04 11:09:12 smb-002 smbd[1269695]: [2024/01/04 11:09:12.924665, 0]
../../source3/smbd/smb2_service.c:117(chdir_current_service)
Jan 04 11:09:12 smb-002 smbd[1269695]: chdir_current_service:
vfs_ChDir(/srv/samba/shares/EXAMPLE_SHARE) failed: Permission denied.
Current token: uid=38923, gid=20000, 12 groups: 2086 2235 2241 2289 2332
2552 5505 5585 5619 5625 27 2117
---
If I run id with the uid number I get all groups, which are more than
samba shows in the log:
---
~# id 38923
uid=38923(xxx) gid=20000(xxx)
groups=27(xxx),2086(xxx),2117(xxx),2235(xxx),2241(xxx),2289(xxx),2332(xxx),2552(xxx),5505(xxx),5585(xxx),5587(xxx),5619(xxx),5625(xxx),20000(xxx)
---
The group id in question is "5587", which is shown by id but not in the
samba log.
Our configuration is here: https://pastebin.com/NUQHLqrT
I have invalidated the nscd group table, restarted the CTDB Cluster,
restarted nslcd ...
Any help really appreciated.
Thanks and regards
Tobias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2894 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20240104/8e0fbbf1/smime.bin>
More information about the samba
mailing list