The Samba-Bugzilla – Bug 279
if >32 groups is returned in the net_user_info3 struct, the nt_user_token and unix_token can differ
Last modified: 2005-02-07 08:41:26 UTC
smbd calls initgroups() to set the unix group members
of the existing process and then getgroups() to get the
list back. This is truncated to the OS limit (NGROUPS_MAX).
So the NT_USER_TOKEN (built by the net_sam_logon reply) can
have more groups than those listed in unix_user token.
2.2. solved this by calling add_supplementary_nt_login_groups()
See also bug 267
this is an OS limitation and not much we can do about it. Closing it.
originally reported against 3.0.0beta3. CLeaning out
non-production release versions.