As seen below within the smb.conf, the shares are exported as such: [cc] path = /cc comment = directory directory mask = 0775 create mask = 0775 valid users = @ccuser read list = @ccuser write list = @ccuser writeable = yes public = no case sensitive = no default case = lower preserve case = yes short preserve case = yes mangled names = no fake directory create times = true dos filetime resolution = true map archive = no map hidden = no map system = no follow symlinks = yes wide links = yes browseable = yes When the Windows Administrators add a new user, even if they make sure they are within the ccuser group, the smbd must be stopped and restarted before the new user account is allowed to authenticate against the share. The workaround is to include every single user account within the “valid users=” line, and then the new users created are authenticated successfully. Please let us know how to proceed. # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 workgroup = NORDLB-IT # server string = ccadm nitsol50 netbios name = nitaix59 # security local hosts deny = ALL hosts allow = 14.2.0.0/255.255.0.0 14.50.130.0/255.255.255.0 14.50.176.0/255.255.255.0 14.50.178.0/255.255.255.0 14.50.180. 14.50.181. 14.50.182. 14.50.183. 14.50.184. 14.50.185. 14.50.179. 14.50.251. 14.50.125. 127. # Security mode security = domain password server = nitw0301 nitw0302 encrypt passwords = yes # Printer section load printers = no ; printcap name = /etc/printcap ; printcap name = lpstat ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /opt/pware/samba/3.0.28/var/log.%m include = /opt/pware/samba/3.0.28/var/smb.conf.%m max log size = 20000 # Configure Samba to use multiple interfaces interfaces = 14.50.176.159/24 # Browser Control Options: local master = yes os level = 33 domain master = no preferred master = no # WINS section wins support = no wins server = 14.50.178.10 14.50.178.20 ; name resolve order = wins host bcast remote announce = 14.50.178.255 ; browse list = yes ; remote browse sync = 14.2.74.201 wins proxy = no dns proxy = no #----------------------------------------------------------------------------- # performance parameters #----------------------------------------------------------------------------- debug level = 0 kernel oplocks = no oplocks = no level2 oplocks = no socket options = TCP_NODELAY wide links = no deadtime = 15 keep alive = 120 getwd cache = yes read raw = yes write raw = yes max open files = 5000 dos charset = CP850 unix charset = ISO8859-1 display charset = LOCALE host msdfs = no bind interfaces only = no # # user mapping for clear case username map = /usr/local/samba/lib/usermap.txt #============================ Share Definitions ============================== [homes] comment = Home Directories directory mask = 0000 create mask = 0000 force directory mode = 0774 force create mode = 0664 valid users = %S guest ok = no writable = yes public = no case sensitive = no default case = lower preserve case = yes short preserve case = yes mangled names = no fake directory create times = true dos filetime resolution = true follow symlinks = yes wide links = yes browseable = no [cc] path = /cc comment = directory directory mask = 0775 create mask = 0775 valid users = @ccuser read list = @ccuser write list = @ccuser writeable = yes public = no case sensitive = no default case = lower preserve case = yes short preserve case = yes mangled names = no fake directory create times = true dos filetime resolution = true map archive = no map hidden = no map system = no follow symlinks = yes wide links = yes browseable = yes [ccadm] path = /home/ccadm comment = directory directory mask = 0000 create mask = 0000 force directory mode = 0774 force create mode = 0664 force group = force user = guest ok = no valid users = ccadm read list = ccadm write list = ccadm writeable = yes public = no case sensitive = no default case = lower preserve case = yes short preserve case = yes mangled names = no fake directory create times = true dos filetime resolution = true follow symlinks = yes wide links = yes browseable = yes
works for me (if the user connects with an up-to-date logon token, reflecting the changes group membership)