I'm running samba-3.0.21b on gentoo. All authentication against a new 2003 active directory is working fine as far as I can tell bu I have come across an unusual thing, see below: hari@test2 ~ $ id uid=10005(hari) gid=10000(Domain Users) groups=10000(Domain Users),10008(Domain Admins),10009(UnixAdmins),10010(UnixAdmins) For some reason the group UnixAdmins has been listed twice and given two ids by winbind. This group has not been recently added, I haven't deleted and readded it or anything like that. I've restart samba(smbd nmbd and winbindd) and logged back in with this domain account and I get the same result. Below you can see my entire smb.conf: [global] workgroup = MYDOM realm = MYDOMAIN.COM server string = Samba Server %v log file = /var/log/samba/log.%m max log size = 50 hosts allow = 192.168.1. 192.168.2. 127. map to guest = bad user security = ADS password server = myserver encrypt passwords = yes winbind use default domain = yes template shell = /bin/bash socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 10000-20000 idmap gid = 10000-20000 [homes] comment = Home Directories browseable = no writable = yes
Looks more like a confuguration flaw. Please try with a modern, supported samba version and clean idmap configuration. If you then still see an issue consider to consult a support option from https://www.samba.org/samba/support/