We just updated a 2.2.5 samba server to 2.2.8 and note a difference in the way valid users are determined. In 2.2.5, we could have unix user user1 in unix group groupA AND NIS+ user user2 in a NIS+ group groupA We set valid users = @groupA for samba share groupA_shr and both user1 and user2 could gain acces to groupA_shr. This configuration does NOT work with samba 2.2.8. In the example described, only unix user1 can gain access to groupA_shr. We are running solaris 2.8 on a Netra T1 server. Pertinent info from smb.conf attached. Have we been relying on an "undocumented feature" all this time with 2.2.5? Is samba 2.2.8 designed to work this new way? We can make all our unix users NIS+ users but that will take time. Thanks in advance for any suggestions. Helen Nulty smb.conf file: <<<<<<< begin smb.conf >>>>>>>>>>>>>> # Global parameters [global] workgroup = NTWRKGRP netbios name = SOLSRVR netbios aliases = SOLALIAS server string = Samba Server 2.2.8 interfaces = eri* nnn.nnn.nnn.nnn/255.255.0.0 security = DOMAIN encrypt passwords = Yes min passwd length = 6 password server = PWSRVR1 PWSRVR2 passwd program = /bin/passwd %u passwd chat = *Enter login(NIS+) password:* %o\n *New*password* %n\n *Re-enter*password:* %n\n *changed for* max log size = 50 printcap name = /etc/printers.conf os level = 0 wins proxy = Yes wins server = nnn.nnn.nnn.nnn host msdfs = Yes security mask = 03777777 force security mode = 03777777 directory security mask = 03777777 force directory security mode = 03777777 hosts allow = nnn.nnn.nnn.nnn 127. ... [groupA_shr] comment = SPH IIS Share path = /shrA/groupA valid users = @groupA force user = userA force group = groupA read only = No create mask = 0750 force create mode = 0750 security mask = 0777 force security mode = 00 directory mask = 0750 directory security mask = 0777 force directory security mode = 00 inherit acls = Yes #