Bug 3640 - Winbindd not authenicating groups in the AD
Summary: Winbindd not authenicating groups in the AD
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.9
Hardware: x86 Linux
: P3 normal
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact: Samba QA Contact
Depends on:
Reported: 2006-03-28 15:51 UTC by tonyb
Modified: 2006-04-20 08:32 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description tonyb 2006-03-28 15:51:55 UTC
Problem with 2003 server sp1 which has not been resolved.
using the latest and greatest samba server. Configured with ad and all the nice switches in every format.

The samba server does NOT authenticate with 2003 server sp1 groups.

I not only read about people posting this error but see nothing done to fix this? why?

To replicate this issues simple.

Load any version of samba: 

Create a smb.conf in AD format 
Put in the 30 switches to match the AD setup of a 2003 server sp1 
and wahhh laa not groups in the 2003 server can get authenticated.

Create the shares with the "+ or / or @ or anything " does not help

Samba is broken with the AD group authentication piece. FLAT OUT.

NO ONE CAN Get this to work and no one seems to care?

Without group authentication samba is useless.

Please try this and let me know .. here are the sites that i could find pointing out the flaw with no resolve.

lookup 158

This is funny the patch for this dont exist and its so old it should have been placed in the newer version still i think this guys smoking something

Well hopefully someone tries to get this working and contact me I am at wits end. 

Might have to load winblows server in the mean time .. too many users to make user shares for all of them.

Comment 1 Gerald (Jerry) Carter (dead mail address) 2006-03-28 17:03:03 UTC
The links you point to are not relevant.  The current code
works just fine.  If you have a probelm, then you'll have 
to provide more information.  It's not like we don't test this
kind of thing.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2006-04-20 08:03:40 UTC
severity should be determined by the developers and not the reporter.
Comment 3 Gerald (Jerry) Carter (dead mail address) 2006-04-20 08:32:43 UTC
closing.  no response.