Hello samba list, I've run into a rather strange problem at one of our deployments, and after trying a few ideas myself are turning to you to see if you have any suggestions for my next step. The problem: We're currently running samba 3.5.6 as a file server joined to an active directory. We set up acls that say group "foo" has r/w access to a directory. A user "userA" attempts to access that folder and fails even though the active directory server shows he is in that group. I've gone through the samba system checking the output of wbinfo and the getent, groups and id command; they all show that "userA" is in the supplementary "foo" group. I also turned up the logging and verified that the results of the "supplementary groups" in the log show the GID of the "foo" group when "userA" connects. Can you suggest to me what else I should be looking at? We've re-run this test by stripping out all acls (nt and posix) and just using permissions. Unless this particular user is the owner or the primary group the user can not access this directory. It feels as if the supplementary group is being "ignored" for this case, but I don't know why and I have run out of ideas. Searching google does not seem to turn up anything relevant at this point, either. I would greatly appreciate any help investigating what is going on with this system. Thank you all for your assistance. --John M.
Hello samba list, [Apologies if you've seen this message before. I'm not sure if the original got eaten by a filter somewhere along the line.] I've run into a rather strange problem at one of our deployments, and after trying a few ideas myself are turning to you to see if you have any suggestions for my next step. The problem: We're currently running samba 3.5.6 as a file server joined to an active directory. We set up acls that say group "foo" has r/w access to a directory. A user "userA" attempts to access that folder and fails even though the active directory server shows he is in that group. I've gone through the samba system checking the output of wbinfo and the getent, groups and id command; they all show that "userA" is in the supplementary "foo" group. I also turned up the logging and verified that the results of the "supplementary groups" in the log show the GID of the "foo" group when "userA" connects. Can you suggest to me what else I should be looking at? We've re-run this test by stripping out all acls (nt and posix) and just using permissions. Unless this particular user is the owner or the primary group the user can not access this directory. It feels as if the supplementary group is being "ignored" for this case, but I don't know why and I have run out of ideas. Searching google does not seem to turn up anything relevant at this point, either. I would greatly appreciate any help investigating what is going on with this system. Thank you all for your assistance. --John M.
Maybe Matching Threads
- Unix Group Question with repect to Samba
- Debugging tdb_oob log messages in samba 3.6
- Applying head to wall to figure out permissions issues.
- No write permission if POSIX bits 0 on ZFS written by M$ Office - dos_mode returning r
- How to set file/folder permission flexibly in Samba