I cannot access a directory via samba, even though the user is in a group that has rwx access to that directory. This occurs when the group is not the user's primary group. If the directory is chgrp'd to the user's primary group the problem goes away. This is using samba 3.0rc3, linux 2.6.0-test5, using a windows XP client. User accounts are in active directory and made available to linux via winbind. In a shared directory: # mkdir test # chmod 770 test # groups mdawson Domain Admins Domain Users Schema Admins staff business_systems_users IT Services webadmins # getent passwd mdawson mdawson:x:10000:10001::/home/TOTTON/mdawson:/bin/bash # wbinfo -n "domain users" S-1-5-21-1123561945-1957994488-839522115-513 2 # wbinfo -Y S-1-5-21-1123561945-1957994488-839522115-513 2 10001 (so domain users is my primary group) # chgrp "domain admins" test - access is denied from windows # chgrp "domain users" test - access is allowed Setting the 'force group' parameter on the share makes it so I can use either the group specified or the primary group, but no other groups. I can get access to the directory fine from the shell. I've built samba with and without acl support and have the same problem. Let me know if I've missed any important info or if any further tests would be useful.
This looks like bug 336. I might have been mistaken when I said the problem was resolved. I just realized I had added a "force group" option to each of the shares to work-around this issue while waiting for a fix, and forgot to remove it when I retested. Since mdawson is still having the issue, I suspect it's still there. I'll retest again. (a copy of this note will also be added to bug 336).
*** This bug has been marked as a duplicate of 336 ***
originally reported against one of the 3.0.0rc[1-4] releases. Cleaning up non-production versions.
database cleanup