Hi there,
Firt off, Im new to the word of samba and windbind (and AD for that
matter) so I apologise if my problem has had attention before.
Ill try to articulate whats happening as best I can. I beleive my issue
is with winbind in particular. If Ive neglected anything that would be
helpful in finding a solution please let me know.
Ive several linux machines using samba and winbind to share on an Active
Directory domain. Recently I was asked to create two distinct new user
groups specifically for two upcoming projects. Until these projects
become active there are only two guys doing pre-production on them - one
guy for each project. So I created the two security groups in active
directory and placed the two workers in each's relevant group.
Over to the linux machines:
"getent group" shows the two new groups and their (lone) members.
However I tried to set group permissions on a directory and they only
work for one of the groups (group1, user1, say) . [I should note here
that directly applying permissions for each user works fine]
When I do "wbinfo -r user2" I see the groups user2 is a member of -
EXCLUDING the new group I created with him in. "wbinfo -r user1" shows
his new group fine. Also, doing "groups user1" works fine.
"groups
user2", again, excludes the new group I created.
When I do "wbinfo -a user2%user2passwd" on a machine it authenticates
user2 and seems to update. Now "wbinfo -r" and "groups" show
the new
groups and the permissions work fine. And it seems that in the case of
user2, I have to do this manually after every change I make, whereas
user1 works fine.
These two accounts in active directory are identical - apart from the
two new groups. I cannot see where one user account trips up whereas the
other is OK.
Can anyone suggest what might be the culprit here? While the "wbinfo
-a"
route works, Id rather know more!
Thanks you for any help,
Kris Monstad
