thr3ads.net - samba - [Samba] ACL group permissions only work on primary group (Rick Segeberg) [Apr 2003]

If this information is useful, please help other people find it:
Share via:

Wolfgang Büch

2003-Apr-15 07:32 UTC

[Samba] ACL group permissions only work on primary group (Rick Segeberg)

We faced the same Problem Samba not recognizing secondary groups of an
individual user. The reason is the handling of small an capital letters of
the user uid between samba and ldap.
Ldap for example has the following person and group:
uid=Thomas,dc=...,dc=...,dc=de
cn=group1,ou=groups,dc=...,dc=...,dc=de

Group1 has the attribute "memberUid=Thomas"; this means
"Thomas" is member
of "group1" ; he has a secondary Group Membership for
"group1".

Normaly any share, which has the underlying unix permission for this
secondary group set to rwx, should grant the access permission to that
share for "Thomas". But it doesn't work.

Examing the syslog (ldap) we found, that samba is searching for
memberUid=thomas in small letter.

If you change

"uid=Thomas,dc=...,dc=...,dc=de"

to

"uid=thomas,dc=...,dc=...,dc=de"

It should work!

Wolfgang




Wolfgang B?ch
Unix - und Windows Systemadministration
Universit?t Hamburg
Regionales Rechenzentrum
Gruppe Virtuelle Campus Bibliothek - VCB
Schl?terstrasse 70
D-20146 Hamburg
Tel.: (+40) 42838-3094


Random Thought:
--------------

samba - Apr 2003 - ACL group permissions only work on primary group (Rick Segeberg)

[Samba] ACL group permissions only work on primary group (Rick Segeberg)