The Samba-Bugzilla – Bug 5687
user account hides group account with same name for valid users
Last modified: 2008-08-13 13:46:07 UTC
I have an unix user 'Admin' and an unix group 'Admin' here. The group contains several other users. And there is a share with:
valid users = @Admin
I can't connect to this share, as long as this line is in.
After a few hours I found out that the user 'Admin' is responsible for this, the logfile prints this:
[2008/08/12 17:57:24, 5] smbd/share_access.c:token_contains_name(125)
Admin is a User, expected a group
[2008/08/12 17:57:24, 2] smbd/service.c:make_connection_snum(616)
user 'markus' (from session setup) not permitted to access this share (all)
Now this problem kind of sounds like what I found at #609, but I still think this should be considered a bug. 'valid users' is expecting a group after the '@' and there actually _is_ a group with that name. Still it doesn't print any warning on low logging levels and just silently blocks the whole share. Furthermore the user 'markus' is member of the group 'Admin' and therefore actually has the correct permission for the accessing the share.
After renaming the unix user account Admin, everything worked as expected.
Can you try and reproduce this on Samba 3.2.1 please (current latest release). There have been many changes which may fix this and I don't want to track down an already fixed bug.
Ok, I compiled 3.2.1 from source an installed it on a testing box, and it worked. A user having the same name as a group didn't prevent the share from working correctly.
Too bad that there are no up-to-date binary packages for that version :/