Hi all On a CentOS 5.4 system with Samba 3.0.33 (member server of an AD domain in 2003 native mode) I have the problem that certain users can't use the shares (can't logon), while others can.
I *think* this is related to the fact that those users unable to connect are member of a huge number of groups (100+). We know from experience that this is a problem in Windows itsself (need to set MaxTokenSize as discussed here http://support.microsoft.com/kb/327825) or with Apache mod_auth_kerb (need to set LimitRequestFieldSize in Apache). Unfortunately, I was unable to find any clear indication that this might also be a problem with Samba/Winbind, let alone find a solution for it. And I must admit that I don't have any log entries that actually point me in this direction, so it's more of a "feeling" :-/ I just wanted to ask if that (users being member of a huge number of AD groups and thus there Kerberos ticket getting really big) can be at all a problem with Samba/Winbind and that I should investigate more thouroughly along this line? -- CU, Joe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
