Dear all, I have samba3.0.23d running on FreeBSD 6.1. It is running with "security = ADS" and has been functioning correctly from about 3.0.14 to 3.0.22.
Since I upgraded to 3.0.23(a|b|c|d) group permissions are not honoured by Samba. For example: drwxrwx--- 107 setup domain admins 3072 Nov 15 19:25 install The user setup is a windows admin user; this user can access this folder without any problems. Any users in the "Domain Admins" group CANNOT access this folder. When trying to do this from windows they are presented with a password screen. This is the same for all group permissions unless the group is in question is the user's primary group. If I explicitly add ACL user permissions to the folder then those users can access it. This doesn't work if I can group ACLs. This has screwed up all sorts of stuff as all group based access is broken. I am not seeing any winbind errors; winbind seems to enumerate the groups fine, eg [EMAIL PROTECTED] /data]# id cmurdoch uid=15003(cmurdoch) gid=15000(domain users) groups=15000(domain users), 15009(group policy creator owners), 15006(enterprise admins), 15007(domain admins), 15008(schema admins), 15017(emlibrary users), 15030(sophos console administrators), 15033(sophosadministrator), 15035(pcarch), 15038(BUILTIN\administrators) But cmurdoch then won't be able to access folders with any of his group permissions set. Global section of smb.conf: [global] workgroup = BPR netbios name = YANKEE ;hosts allow = 192.168.1 socket options = TCP_NODELAY server string = Samba Server realm = BPRARCHITECTS.COM security = ADS encrypt passwords = yes password server = * client use spnego = yes server signing = auto map acl inherit = yes ;allow trusted domains = no idmap uid = 15000-1000000 idmap gid = 15000-1000000 winbind use default domain = yes winbind enum groups = yes winbind enum users = yes winbind nested groups = yes template shell = /usr/local/bin/bash use sendfile = yes log file = /var/log/samba/log.%m load printers = no Cameron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
