Have you confirmed that those group memberships have been truly revoked
in LDAP? Does OpenLDAP need to be reloaded/restarted? Is the client
actually contacting LDAP after you logged them out to find out it's new
group memberships?
--
Michael Coburn
Manuel Graumann wrote:
Hi folks!
Our smb with LDAP PDC now seems to be nearly completed. Just now we found
out something very mysterious. We organized some directorys to be used by
specific domain groups. If we put a user into a group the user is allowed to
access the associated share. So far this works pretty nice.
If we remove the user from the domain group the user seems to keep all his
rights he got from his group membership we removed - even after loggin off
and on again and restarting smb and nmb. This seems to me a very strange
behaviour. Any ideas where we have to look?
Client OS: XP Pro SP 2
Server: openSuse 10.1 64 bit, Samba 3.0.22-13.18, openldap2 2.3.19-18.10,
smbldap-tools 0.9.1-11
Any hint would be nice.
Regards
Manuel
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
