[Samba] Samba ADS member: using local groups

Fri, 23 Jun 2006 03:16:41 -0700 

Hi.
I have problems using local groups on a SAMBA ADS member. I encountered the problem when I switched from Fedora Core 4 to Fedora Core 5. 

I'm using the FC5 samba-3.0.22-1.fc5 package.


The SELinux is set to permissive mode (SELINUX=permissive), so this should 
not cause problems.




I'm using same scripts for generating group mapping and add users to 
groups, as I used on FC4.




The problem is I can not access to a newly created share. I'm getting 
access denied.



Details:
----
smb.conf:
  workgroup = MYAD
  realm = MYAD.SI
  security = ads
  netbios name = SRV
  use kerberos keytab = True

  local master = no
  domain master = no
  preferred master = no
  domain logons = no

  winbind cache time = 150
  template shell = /bin/false
  template homedir = /dev/null
  idmap uid = 16777216-33554431
  idmap gid = 16777216-33554431

  enable privileges = no
  allow trusted domains = yes
  winbind trusted domains only = no
  winbind use default domain = no
  acl group control = no
  winbind enum groups = yes
  winbind enum users = yes
  winbind nested groups = yes

[testg]
  path = /tmp/testg
  browsable = yes

# net groupmap list | grep testg
testg (S-1-5-21-36326577-213813108-2479972072-35181) -> testg

# net rpc group members testg -U MYAD\\damird%pass
MYAD\damird

# grep testg /etc/group
testg:x:17090:MYAD\damird

# getent group testg
testg:x:17090:MYAD\damird

# getent group SRV\\testg
testg:*:16777937:MYAD\damird

# chown root:testg /tmp/testg
# chmod 770 /tmp/testg
# ls -ald /tmp/testg
drwxrwx--- 17 root testg 4096 Jun 23 11:26 /tmp/testg

# sudo -u MYAD\\damird ls -al /tmp/testg
total 16
drwxrwx--- 2 root testg 4096 Jun 23 11:43 .
drwxrwxrwt 8 root root  4096 Jun 23 11:39 ..

# cat /var/log/samba/10.10.10.100.log
[2006/06/23 11:44:25, 1] smbd/service.c:make_connection_snum(693)

  10.10.10.100 (10.10.10.100) connect to service testg initially as user 
MYAD\damird (uid=16777217, gid=16777217) (pid 6509)

[2006/06/23 11:44:25, 0] smbd/service.c:set_current_service(49)
  chdir (/tmp/testg) failed
[2006/06/23 11:44:25, 0] smbd/service.c:set_current_service(49)
  chdir (/tmp/testg) failed
[2006/06/23 11:44:26, 0] smbd/service.c:set_current_service(49)
  chdir (/tmp/testg) failed
----


Any hint will be appreciated :)

Thanks and best regards,
Dezo
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba














    











					Reply via email to