On Fri, 2004-01-09 at 14:42, MICHAEL BROWN wrote: > Thanks for your reply Craig. > > Yes, getent DOES show the group and users correctly and yes, I have > tried switching the nsswitch.conf file to: > > group: ldap files nis > > but that does not work either. > What DOES work, I found this out a little while ago, is setting the > directory to the GID within LDAP like: > chown :5011 /home/test > 5011 is the name of the group with the number of users above 60 or 70. > Samba will authenticate correctly like this. > Any group with the total user count below that number, (60 or 70), will > allow me to use the actual name of the group but > if you go above that number in the secondary groups, it does not > recognize the name on ANY Redhat machine that I have in production. > As I stated earlier, I have no problem on Mandrake 8.2 ---- OK - got it... nscd - Name Caching Server Daemon
According to the very famous Mr. Terpstra's How-to Guide, you must shut this off if you use winbind If you don't use winbind... service nscd restart Necessary sometimes after you adjust /etc/nsswitch.conf because the caching remains in place. and by the way, I think you will find life is easier if you set passwd: files ldap nisplus #only use nisplus if you use nisplus in #your network otherwise, don't use group: files ldap (and of course, if you change this setup, best to restart the nscd service to clear the existing cache. Craig Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba