This works for us, so it's something that should work. It's probably related to the way your authentication is setup, we used to use custom from before IBM supporting AD+LDAP and we had to add entries for the group SID in the LDAP server also, but since moving to "supported" way of doing this, we don't think we need this anymore.. You might want to do some digging with the wbinfo command and see if groups/SIDs resolve both ways, but I'd suggest opening a PMR on this.
You could also check what file-permissions look like with mmgetacl. In the past we've seen some funkiness where creator/owner isn't on/inherited, so if the user owns the file/directory but the permission is to the group rather than directly the user, they can create new files but then not read them afterwards (though other users in the group can). I forget the exact details as we worked a standard inheritable ACL that works for us __ Simon On 02/10/2019, 18:02, "[email protected] on behalf of David Johnson" <[email protected] on behalf of [email protected]> wrote: After converting from clustered CIFS to CES protocols, we’ve noticed that SMB users can’t access files owned by groups that they are members of, unless that group happens to be their primary group. Have read the smb.conf man page, and don’t see anything obvious that would control this… What might we be missing? Thanks, — ddj Dave Johnson Brown University CCV/CIS _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
