Maybe I am wrong now, but as far as I now there have been several bugfixes according ADS, ldap and kerberos.
Anyway an alpha-version is not for a production environment, so update to the latest version of samba! Best greetz Sascha Am Mittwoch, 7. April 2004 23:14 schrieb Sam Aylestock: > My apologies....this is the info from the original post and I am having > the exact problem. The only difference is I am using the current > version of SAMBA(3.02)and Fedora Core 1. The original is as follows... > > Intro: > There have been a few postings on this subject with few answers. If > anyone knows where to point those of us trying to work this out, or will > enlighten us as to the limitations of ACL's and Samba, we would > appreciate your help. So far, acl.bestbits.at does not have any > information on this particular problem. > > Environment: > Samba 3.0 alpha 21 or 23 (I skipped 22, but most likely it had the same > problem) > Red Hat 8.0 > Kernel 2.4.20 w/ acl patches from acl.bestbits.at > Ext3 filesystem mounted w/ acl option > > Problem: > Samba is successfully authenticating users via a W2K domain using ADS. > Logins and passwords work great, individual file access permissions work > fine. The problem is when setting group file or directory access > permissions, Samba/Linux only recognizes a user's "primary group". This > means if a user is a member of more than one group (by default, everyone > is a member of Domain Users which is also their primary group) only > their primary group is looked at for file/directory access permissions > on the Samba server. > > This causes two problems: > > 1) I have to manually go through every user (250+) a set their default > group to something other than Domain Users (unless, of course, that's > adequate for my needs). This is time consuming, but I can live with it. > > 2) The bigger problem is that a person can only receive access to > files/directories based on membership in only one group. For example, > John is a member of coders and a member of management with coders being > his primary group. Without assigning individual rights, John will only > be able to access the coders directory and will not have access to the > management directory even though the management group has full access to > it. Yes, it would be easy to just assign John individual rights to the > management directory, but this becomes an exponential headache when you > multiply this scenario out across a large company of similar situations. > > > > Sam Aylestock > Sr. Network Administrator > TREEV > Proven Solutions . Real Results .(tm) > Tel: 703-904-3139 > http://www.treev.com/ > > > -----Original Message----- > From: Radio Gong 2000 GmbH & Co. KG [Technik] > [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 07, 2004 5:09 PM > To: Sam Aylestock; [EMAIL PROTECTED] > Subject: AW: [Samba] ACL group permissions only work on primary group > > Can u please describe ur problem a bit more? > > Regards > > Sascha > > -----Ursprungliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Auftrag von Sam Aylestock > Gesendet: Mittwoch, 7. April 2004 23:02 > An: [EMAIL PROTECTED] > Betreff: [Samba] ACL group permissions only work on primary group > > > I just join this list. Did anyone give a reply to this question? I > have been struggling with this same problem. > > Sam Aylestock > Sr. Network Administrator > TREEV(r) > Proven Solutions . Real Results .(tm) > Tel: 703-904-3139 > http://www.treev.com/ > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
