set ngroups_max=32
in /etc/system file and rebooting the server. If you do this, the server complains about some NFS problems:
# dmesg | grep -i ngroups
Mar 5 17:50:25 chevette unix: [ID 953839 kern.warning] WARNING: ngroups_max of 32 > 16, NFS AUTH_SYS will not work properly
But again, the cap is raised to 32 from 16.
To increase the parameter 'ngroups_max' beyond 32, one needs to modify the files '/usr/include/limits.h, /usr/include/sys/param.h', and rebuild the kernel. But there is no way to compile the new kernel on solaris by using this modified files. The 'boot -r' from the boot prom level will not recompile the kernel, it just loads the existing kernel using '/etc/system' parameters which are limited by the parameters set by '/usr/include/sys/param.h' during the original compilation.
-Gopal
Michael G. Noble wrote:
Solaris has a 15 member limit to groups. Since you are under that limit, it should not be a problem. I have Samba running on an Ultra
60 with Solaris8, samba version 2.2.5. I have users who are members
of at least 14 groups and not having any problems accessing shared
folders.
Mike
On Tue, 2003-03-04 at 13:35, Gopal Bhat wrote:
I am facing a strange problem related to authentication of NT users accessing the SAMBA server.
Here are the details:
Server: Solaris 9, SUN Ultra 60, SAMBA 2.2.7a with PAM and WINBIND
Client: Windows XP, NT4.0, 2000
Symptoms:
Created a share \\server\test (UNIX: /export/SMB/test) with access to group 'TestGoup' where 'TestUser' is a member.
'TestUser' is a member of 10 more groups along with 'TestGroup' (Total number of TestUser's group = 11)
With the above settings 'TestUser' can't access the share '\\server\test', and the following message shows up in the Client.log:
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(244)
Unable to initgroups. Error was Not owner
[2003/03/04 13:31:52, 0] smbd/sec_ctx.c:initialise_groups(247)
This is probably a problem with the account domain\testuser
[2003/03/04 13:31:52, 0] smbd/service.c:make_connection(599)
client (10.81.105.121) Can't change directory to /export/SMB/test (Permission denied)
If I change the number of groups the user 'TestUser' belongs from 11 to 8 ('TestGroup' + 7 other groups), the user can access the share '\\server\test' without any problems.
It looks like there is some limitation on number of NT group memberships 'smbd' can handle. Note: 'wbinfo' returns all the right groups of the user without any problems.
Is there anyone out there who is aware of this problem and knows a workaround/solution to this?
I really appreciate any help from the prestigious SAMBA Team.
Thanks, Gopal
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
