After upgrading our samba DC from 3.0.10 to 3.0.11, we have been experiencing problems with groupmapping. In 3.0.10, we had to explicitly map our Unix groups (local or NIS) to NT groups with a 'net groupmap add' command.
However, in 3.0.11, all our Unix groups are mapped automagically. Although they do not show up with a 'net groupmap list' on the DC, our clients can see them: 'net user myusername /domain' shows all the Unix groups on the DC.
Looking more closely at the release notes, this might be the relevant change:
o Volker Lendecke
<snip>
* Unify the means of localtaing a user's global groups on a
Samba DC.
This is a major problem for us. Since windows applies the most restrictive permission set, files that are not group writable suddenly become read-only, even if the owner has write access. This is because the owner of a file is also a member of the file's group.
This was never a problem for us prior 3.0.10 since most of our groups were not in the groupmap. If possible, I'd love to go back to the pre-3.0.11 behavior for groupmapping, rather than change the permissions on all our data.
I have looked through docs/man pages and can't find a way to change this. Anyone have an idea?
Thanks for your help.
-- Theron Toomey, System Administrator NSEES-IT (919-613-8148) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
