samba - Feb 2006 - New 3.0.21b-1 Samba does not respect system "Groups"

Hi all,

I am running

ii  samba          3.0.21b-1      a LanManager-like file and printer server fo
ii  samba-common   3.0.21b-1      Samba common files used by both the server a

on Debian 3.1 (Sarge) Linux  2.6.8-2-386 #1 Thu May 19 17:40:50 JST
2005 i686 GNU/Linux

I have noticed that the Samba software does not recognize newly
created "groups" with the groupadd commands. I'll demonstrate the
following.

I am running the Samba Server with

security = user

I have a share defined like this

[grtest]
        comment = Intersight Website
        path = /var/www/grtest
        read only = no
        read list = @phpprogrammers
        valid users = @grtest
        force group = grtest
        force create mode = 0775
        force directory mode = 0775

The Unix permissions for this folder is

# ls -l /var/www |grep grtest
drwxrwxr-x   2 root grtest            48 2006-02-13 14:27 grtest

The members of the group "grtest" are

# cat /etc/group |grep grtest
grtest:x:1029:administrator

The group was created using the "groupadd" command.

Now the Samba user "administrator" has the same password as the user
"administrator" on the Windows 2003 Small business server I am
sitting.

When I try to access the [grtest] share from the Win2k3 SBS I am asked
for a user name and password for which I enter

sambaworkgroup\administrator

and password

But I am not able to connect.

But if I just change the Share description to have valid users set to
any group that was created earlier I can access the share with no
problems. I'll demonstrate it again

The group

# cat /etc/group |grep maverick
maverick:x:1004:administrator,mvarghese

was create long back.
And If I put that group in the valid users list as shown below

[grtest]
        comment = Intersight Website
        path = /var/www/grtest
        read only = no
        read list = @phpprogrammers
        valid users = @maverick
        force group = grtest
        force create mode = 0775
        force directory mode = 0775

and restart the Samba Server, I can go to the Win2k3 SBS and click on
the share and I can access the share without giving a user name and
password. ( Password for "administrator" is same on both Systems)

I found that this problem is only for Groups created recently and not
for groups created earlier.

I find it really puzzling :-(

Could Someone please explain what could have gone wrong?

Thankyou so much

Kind Regards

Siju

Hi, at default smb does not honor linux groups,
use ldap , map your systemgroup via the net command to a smb group
read the smb faqs to this
Regards

Siju George schrieb:
> Hi all,
> 
> I am running
> 
> ii  samba          3.0.21b-1      a LanManager-like file and printer server
fo
> ii  samba-common   3.0.21b-1      Samba common files used by both the
server a
> 
> on Debian 3.1 (Sarge) Linux  2.6.8-2-386 #1 Thu May 19 17:40:50 JST
> 2005 i686 GNU/Linux
> 
> I have noticed that the Samba software does not recognize newly
> created "groups" with the groupadd commands. I'll demonstrate
the
> following.
> 
> I am running the Samba Server with
> 
> security = user
> 
> I have a share defined like this
> 
> [grtest]
>         comment = Intersight Website
>         path = /var/www/grtest
>         read only = no
>         read list = @phpprogrammers
>         valid users = @grtest
>         force group = grtest
>         force create mode = 0775
>         force directory mode = 0775
> 
> The Unix permissions for this folder is
> 
> # ls -l /var/www |grep grtest
> drwxrwxr-x   2 root grtest            48 2006-02-13 14:27 grtest
> 
> The members of the group "grtest" are
> 
> # cat /etc/group |grep grtest
> grtest:x:1029:administrator
> 
> The group was created using the "groupadd" command.
> 
> Now the Samba user "administrator" has the same password as the
user
> "administrator" on the Windows 2003 Small business server I am
> sitting.
> 
> When I try to access the [grtest] share from the Win2k3 SBS I am asked
> for a user name and password for which I enter
> 
> sambaworkgroup\administrator
> 
> and password
> 
> But I am not able to connect.
> 
> But if I just change the Share description to have valid users set to
> any group that was created earlier I can access the share with no
> problems. I'll demonstrate it again
> 
> The group
> 
> # cat /etc/group |grep maverick
> maverick:x:1004:administrator,mvarghese
> 
> was create long back.
> And If I put that group in the valid users list as shown below
> 
> [grtest]
>         comment = Intersight Website
>         path = /var/www/grtest
>         read only = no
>         read list = @phpprogrammers
>         valid users = @maverick
>         force group = grtest
>         force create mode = 0775
>         force directory mode = 0775
> 
> and restart the Samba Server, I can go to the Win2k3 SBS and click on
> the share and I can access the share without giving a user name and
> password. ( Password for "administrator" is same on both Systems)
> 
> I found that this problem is only for Groups created recently and not
> for groups created earlier.
> 
> I find it really puzzling :-(
> 
> Could Someone please explain what could have gone wrong?
> 
> Thankyou so much
> 
> Kind Regards
> 
> Siju
-- 
Mit freundlichen Gruessen
Best Regards
Robert Schetterer

robert_at_schetterer_dot_org
Munich / Bavaria / Germany
https://www.schetterer.org

On 2/13/06, Robert Schetterer <robert@schetterer.org>
wrote:
> Hi, at default smb does not honor linux groups,
> use ldap , map your systemgroup via the net command to a smb group
> read the smb faqs to this
> Regards
>
Thankyou so much Robert for your reply
But I used to do this till now without ldap.
And even now it works with groups that were created earlier

Kind Regards

Siju