Public bug reported:
This is when attaching a Samba file server to a Windows 2000 Active
Directory domain:
User U is member of domain global group A. Group A is a member of
domain global group B. Group B is assigned permissions to a share, but
user U is unable to use those permissions. Furthermore, "wbinfo -r U"
and "getent group" do not show the user as a member or group B. If
user U is added directly to group B, then the permissions are applied
fine.
This is with Samba 2.0.22 and winbind from the apt repo for Dapper. In
troubleshooting I installed the 3.0.23d deb packages from the Samba
website for Sarge, and it works fine - user U acts a member of group B
as it should through the hierarchy. I changed nothing else, only
removed the Dapper samba, samba-common, and winbind packages and
installed the Sarge packages, so this bug must have been fixed with the
newer release.
Some more information: I was working with another Ubuntu server
administrator with this same setup. We went through our configurations
and we both set up our Ubuntu servers the same, but his worked fine with
the nested groups and mine did not. We can only deduce that the
difference is in our domains: for one thing, my was converted (years
ago) from a mixed-mode domain to native-mode, but his had always been
native mode.
Regardless this is fixed in the newer version, so it is something that
is fixed in Samba. It would be nice to have this bug fixed in the
version of Samba in the apt repo for Dapper.
** Affects: samba (Ubuntu)
Importance: Undecided
Status: Unconfirmed
--
does not enumerate domain groups nested under domain groups
https://launchpad.net/bugs/75047
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
