Hello, I've just posted about a group management problem (mail was "Samba group management understanding") While waiting for an answer I updated samba to the last version I could find for centos 4 which is 3.3.4. Now group membership seems not to work anymore I export this directory: drwxrws--- 2 root mt23 4096 mai 6 12:34 test_smb with this smb.conf extract: [test] path = /test_smb writable = yes valid users = @mt23 create mask = 0770 force group = mt23 then I try to access the "test" share from windows with user gbayard which belongs to group mt23 (result of command id gbayard follows) uid=1217(gbayard) gid=14(sysadmin) groupes=14(sysadmin),2000(enseign),2015(mt23) and I got the following in the logs: [2009/05/06 13:56:50, 2] lib/smbldap.c:smbldap_open_connection(800) smbldap_open_connection: connection opened [2009/05/06 13:56:50, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 544 [2009/05/06 13:56:50, 2] lib/access.c:check_access(406) Allowed connection from pcgbayard-gi-2.utc (172.17.131.11) [2009/05/06 13:56:50, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [Heudiasyc] -> [Heudiasyc] FAILED with error NT_STATUS_NO_SUCH_USER [2009/05/06 13:56:50, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [Heudiasyc] -> [Heudiasyc] FAILED with error NT_STATUS_NO_SUCH_USER [2009/05/06 13:56:50, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [Heudiasyc] -> [Heudiasyc] FAILED with error NT_STATUS_NO_SUCH_USER [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_sam_from_ldap(571) init_sam_from_ldap: Entry found for user: gbayard [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 14 [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 14 [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 2000 [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 2015 [2009/05/06 13:56:55, 2] auth/auth.c:check_ntlm_password(308) check_ntlm_password: authentication for user [gbayard] -> [gbayard] -> [gbayard] succeeded [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 544 [2009/05/06 13:56:55, 2] lib/access.c:check_access(406) Allowed connection from 172.17.131.11 (172.17.131.11) [2009/05/06 13:56:55, 2] passdb/pdb_ldap.c:init_group_from_ldap(2348) init_group_from_ldap: Entry found for group: 2015 [2009/05/06 13:56:55, 2] smbd/service.c:create_connection_server_info(659) user 'gbayard' (from session setup) not permitted to access this share (test) [2009/05/06 13:56:55, 0] smbd/service.c:make_connection_snum(740) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED So it seems like mt23 group membership is detected but access is denied anyway. Any hint? Gildas