Base info: I create new user in domain "testing" with smbldap-tools. Successfuly. Now I try to login to domain itvgroup.cxm from one of domain machine with user testing. Successfuly. Now I add user testing to many groups. Now I try to login - and can't do it. :( If I delete him from one or two groups - all start working fine. I add user to other group (not used in first case) - error login again. I think it does because search result too big or something like this two logs in attachment: debug.log - debug info of ldap accesses g-marchenko.smb - log of samba client who tryes to login with test user (without success)
Created attachment 2172 [details] debug 5 from win machine tryes to login with testing user
Created attachment 2173 [details] LDAP searching log in this moment
How many groups do you have exactly where it stops working? And, you are aware that many Unixes (dunno about FreeBSD) have a hard limit of 16 or 32 groups per user? And, to diagnose this we would need the debug level 10 log of the DC. Volker
Ou! Thanks a lot! It over 16een groups, and seem that it's hardcode of freebsd :( But if I run id testing it returns users ok, with all of his groups. Why? if it hardcode.... Now I try to make log on errlvl 10
debug level 10 does not help anymore, if the FreeBSD limit is 16 then your stuck. Closing the bug as invalid, this is a system restriction, not a Samba one. Volker