On Wed, Jun 28, 2006 at 10:40:38AM +1000, Adam Nielsen wrote: > > > Here's the problem, a member of 'CATNET\adm staff' cannot access a > > > file for which 'CATNET\adm' has r/w access > > > (group:CATNET\134adm:rwx). But if > > FWIW, this works here (Samba 3.0.21rc2), but I did need 'winbind nested > groups = yes' first. I don't seem to have changed much else in > smb.conf that might affect this.
Ah, glad we're fixing bugs moving forward :-). > This however, *doesn't* work. Running 'id' only tells me I'm a member > of "DOMAIN\domain users" but it doesn't list *any* other groups I'm a > member of. > > But Samba still gives me access if a group containing a group > containing me has permission. smbd has backdoors into winbindd that other processes don't. Still, I thought 'winbind nested groups' expanded for NSS groups - maybe not. I'd need to look at the code to be sure. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
