samba - Feb 2009 - Problem with "idmap config DOM : backend = nss " and samba 3.3.0

Hi

I have upgraded a samba testinstallation from 3.0.32 to  3.3.0 
(security = ADS) including the
samba3-3.3.0-fix-ads-join.patch from sernet

With this patch, the net ads testjoin suceeds.

I am able to connect to shares, but I am not able to change the security
settings on files in the samba share using the windows security dialog.
The "Add"-field in the security dialog is greyed out, even for files,
I
created.

The rights are shown as Unix User\maurerh

In our production system with 3.0.34 we use

        idmap domains =  DOM
        idmap config DOM:backend  = nss
        idmap config DOM:readonly = yes
        idmap config DOM:default = yes

and in the the windows security dialog the users are shown as
DOM\maurerh and setting acl is possible

with 3.3.0 we tried

        idmap config DOM : backend  = nss
        idmap config DOM : readonly = yes


The rights are shown as Unix User\maurerh
and settings acls  is not possible

I notices, in the release notes that there was a change in this area,
according to idmap_nss the above should be possible




Regards

Hansj?rg









-- 
_________________________________________________________________

Deutsches Zentrum fuer Luft- und Raumfahrt e.V.
in der Helmholtz-Gemeinschaft

Institut fuer Robotik und Mechatronik

Dr. Hansj?rg Maurer

LAN- und Systemmanager

M?nchner Strasse 20
82234 Wessling
Germany 

Telefon: 08153/28-2431 
Telefax: 08153/28-1134

E-Mail: Hansjoerg.Maurer@dlr.de
Internet: http://www.robotic.dlr.de/

__________________________________________________________________


There are 10 types of people in this world, 
those who understand binary and those who don't.