We're currently using the Sun bundled Samba to provide CIFS access to our ZFS user/group directories.
I found a bug in active directory integration mode, where if a user is in more than 32 active directory groups, samba calls setgroups with a group list of greater than 32, which fails, resulting in the user having absolutely no group privileges beyond their primary group. I opened a Sun service request, #71547904, to try and get this resolved. When I initially opened it, I did not know what the underlying problem was. However, I wasn't making any progress through Sun tech support, so I ended up installing the Sun samba source code package and diagnosing the problem myself. In addition, I provided Sun technical report with a simple two line patch that fixes the problem. Unfortunately, I am getting the complete run around on this issue and after almost 2 months have been unable to get the problem fixed. They keep telling me that support for more than 32 groups in Solaris is not a bug, but rather an RFE. I completely agree -- I'm not asking for Solaris to support more than 32 groups (although, as an aside, it sure would be nice if it did -- 32 is pretty small nowadays; I doubt this will get fixed in Solaris 10, but anyone have any idea about possible progress on that in openSolaris?); all I'm asking is that samba be fixed so the user at least gets the first 32 groups they are in rather than none at all. That is the behavior of a local login or over NFS, the effective group privileges are that of the first 32 groups. Evidently the samba engineering group is in Prague. I don't know if it is a language problem, or where the confusion is coming from, but even after escalating this through our regional support manager, they are still refusing to fix this bug and claiming it is an RFE. I think based on the information I provided it should be blindingly obvious that this is a bug, with a fairly trivial fix. I'm pretty sure if they had just fixed it rather than spent all this time arguing about it would have taken less time and resources than they've already wasted 8-/. While not directly a ZFS problem, I was hoping one of the many intelligent and skilled Sun engineers that hang out on this mailing list :) might do me a big favor, look at SR#71547904, confirm that it is actually a bug, and use their internal contacts to somehow convince the samba sustaining engineering group to fix it? Please? Thanks much... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | hen...@csupomona.edu California State Polytechnic University | Pomona CA 91768 _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
