Maybe it's because some default values for winbind settings have
changed. The relaesenotes say:
winbind enum users Changed default No
winbind enum groups Changed default No
winbind nested groups Changed default Yes
Howard Wilkinson schrieb:
I have managed to isolate where the problem is, now I need to work out
what the problem is?
I have a group
cohtech:*:16777225:lesley,howard,ecbull
in which I am a member - howard.
I have a
valid users = +cohtech
entry in smb.conf for the share I am trying to connect to, I get the
following reported in the machine.log file -
zebra.log: string_to_sid: Sid +cohtech does not start with 'S-'.
and the users get rejected. If I declare the user directly then access
is allowed.
This server gets its group database from the AD controllers via RFC2307.
Anybody know why group expansion may be broken in 3.0.23?
Howard Wilkinson wrote:
No I already had this turned on!
Gautier, B (Bob) wrote:
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
] On Behalf Of Howard Wilkinson
Sent: 18 July 2006 11:50
To: samba@lists.samba.org
Subject: [Samba] Problem with 3.0.23 upgrade from 3.0.22 with
rfc2307 patch
I have upgraded one of my servers from a 3.0.22 implementation
using the
rfc2307 patch I supplied some months ago to the 3.0.23 release. I
am now getting some unexplaned failures and would like some
pointers as to where to start looking.
The rfc2307 schema compatibility in the 'official' 3.0.23 version
has to
be turned on in smb.conf with
winbind nss info = rfc2307
-- that might be something your older code did automatically.
Bob G
_____________________________________________________________
This email (including any attachments to it) is confidential,
legally privileged, subject to copyright and is sent for the
personal attention of the intended recipient only. If you have
received this email in error, please advise us immediately and
delete it. You are notified that disclosing, copying, distributing
or taking any action in reliance on the contents of this information
is strictly prohibited. Although we have taken reasonable
precautions to ensure no viruses are present in this email, we
cannot accept responsibility for any loss or damage arising from the
viruses in this email or attachments. We exclude any liability for
the content of this email, or for the consequences of any actions
taken on the basis of the information provided in this email or its
attachments, unless that information is subsequently confirmed in
writing. If this email contains an offer, that should be considered
as an invitation to treat.
_____________________________________________________________
--
Mit freundlichen Grüßen
Dietrich Streifert
Visionet GmbH
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
