I have installed samba 3.0.0 on a RedHat 9.0 box. I have used the rpm binary i got from Canada mirror. The server is a dual Pentium II 400 IBM NetFinity 5000. Installation was easy. Testparm outputs:HI,
[EMAIL PROTECTED] root]# testparm Load smb config files from /etc/samba/smb.conf Processing section "[desenv]" Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions
# Global parameters [global] workgroup = HUCFF server string = Servidor Samba security = DOMAIN password server = ROMULO log file = /var/log/samba/log.%m max log size = 50 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No wins server = 10.12.10.15 idmap uid = 20000-30000 idmap gid = 20000-30000 template shell = /bin/bash winbind separator = + winbind cache time = 10 winbind use default domain = Yes hosts allow = 10., 127.
[desenv] comment = diret�rio de desenvolvimento path = /compart/desenv valid users = @Desenv write list = @Desenv read only = No wbinfo -u and wbinfo -g gets users and groups from a Win2K domain controller (ROMULO) with no problem.
The "desenv" share is configured to permit access from group "Desenv", as we can see from testparm output. The /compart/desenv path is configured like this:
[EMAIL PROTECTED] compart]# ls -lia
total 12
16403 drwxr-xr-x 3 root root 4096 Out 17 18:57 .
2 drwxr-xr-x 20 root root 4096 Out 20 17:03 ..
16404 drwxrwsr-x 23 marcosm Desenv 4096 Out 18 14:34 desenv
"Desenv" is a global group from my win2K domain (HUCFF) and marcosm is a "Desenv" member. Since I could use chown to set Linux permissions to this group and this user, I assume winbind is working fine.
Samba can see marcosm is member of desenv and also that Desenv (ID:20035) is among marcosm's groups:
[EMAIL PROTECTED] compart]# getent group Desenv
Desenv:x:20035:santanna,marcosm,velasco,analucia,anabraga,anarangel,trindade,bet
h,evandro,gloria,gustavom,jcarlos,bortnyk,luzimar,mgsoares,cida,osmario,mbfranca
,leonardo,gmps
[EMAIL PROTECTED] compart]# wbinfo -r marcosm
20010
20035
20037
But I can not access the share from win2k neither from linux:
[EMAIL PROTECTED] compart]# smbclient //seth/desenv -U marcosm
Password:
tree connect failed: NT_STATUS_ACCESS_DENIED
But If I put the user "marcosm" in write list and valid users lines, like this
[desenv]
comment = diret�rio de desenvolvimento
path = /compart/desenv
valid users = marcosm @Desenv
write list = marcosm @Desenv
read only = No
Everything works just fine as we can see:
[EMAIL PROTECTED] compart]# smbclient //seth/desenv -U marcosm
Password:
smb: \> ls
. D 0 Sat Oct 18 14:34:05 2003
.. D 0 Fri Oct 17 18:57:17 2003
Diretoria D 0 Sat Oct 18 14:18:51 2003
Evandro D 0 Sat Oct 18 14:21:46 2003
Gloria D 0 Sat Oct 18 14:22:50 2003
Gustavo D 0 Sat Oct 18 14:22:51 2003
JCarlos D 0 Sat Oct 18 14:22:54 2003
33001 blocks of size 1048576. 26191 blocks available
The problem looks like samba is not expanding @Desenv as an user list that contains marcosm. Any clues? Thanks in advance.
I have exactly the same Problem after upgrading from samba 2.2.8a to 3.0.0. I run Samba on Linux SLES8 and Sun Solaris 7.
Users and groups are managed on w2k domain controler.
With Samba 2.2.8a group membership works fine and is now broken in 3.0.0.
On Samba 3.0.0. "wbinfo -r" and "getent group" show the right group membership, but Samba is ignoring the Group membership an i get NT_STATUS_ACCESS_DENIED when am accessing files or directorys with group read status.
Is this a general Problem? Configuration Problem? Thanks in advance.
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
