samba - Jan 2006 - Problems with group ACLs on a SAMBA server running in local mode

Here's a quick rundown of the behavior:

 

1)       SAMBA 3.0.9 server is running in local user mode 

2)       A new local UNIX group is added

3)       From a XP / W2003 client, attempts to add that group to ACLs on
the exported share fail - the group cannot be found through the explorer
UI.

 

I debugged this - the call to _samr_query_alias_info()  is failing.
Specifically, the call to pdb_get_aliasinfo() fails.  Debugging further,
this is because the group rid cannot be found in the tdb in
get_group_map_from_sid(), so the Windows client cannot resolve the name
from the RID.  

 
>From conversations with other developers here at Isilon, the local
groups are not automatically added to the tdb, and adding this
functionality could be risky due to collisions between GIDs/ RIDs/ and
SIDs.  My question to the list is there a hidden feature somewhere which
enables local unix groups to be added to the tdb?  I've been digging
through lists / documentation, but with no luck.

 

Thanks in advance,

Todd Stecher