Bug 6657 - User's additional groups not showing up
Summary: User's additional groups not showing up
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: File services (show other bugs)
Version: 3.2.0
Hardware: x64 Linux
: P3 major
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
Depends on:
Reported: 2009-08-23 09:41 UTC by David S. Collier-Brown
Modified: 2010-02-07 11:17 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description David S. Collier-Brown 2009-08-23 09:41:02 UTC
User eftmanager is in the AD group NMCS\uploadwip, 
which maps to gid 15007 on Samba, but when connecting
on SuSE, can't access files.

id says:
id=6010(eftmanager) gid=3011(eftwrite)

As the group isn't getting passed through ,at
least as far as "id" is concerned, the inability
to open the files seems to be a case of missing

/etc/release says the machine is
SUSE Linux Enterprise Server 10 (x86_64)
SGI InfiniteStorage Software Platform, version 1.6, Build sgi160r2-1.6, Wed Apr  1 19:00:40 UTC 2009

RPM says: 
rpm -q -f /usr/sbin/smbd

The primary rapporteur is Ron Short,
Comment 1 David S. Collier-Brown 2009-08-23 09:43:04 UTC
A proposed workaround/confirmation: 
manually add the applicable groups to eftmanager's
list in /etc/groups
Comment 2 Volker Lendecke 2009-08-24 01:19:42 UTC
To me this sounds like a configuration problem. Please upload your smb.conf. Are you running winbind? How do you map groups from AD to Unix?

Comment 3 Karolin Seeger 2009-08-24 03:39:19 UTC
Correcting component and version number.
Comment 4 David S. Collier-Brown 2009-08-24 08:48:16 UTC
I know the smb.conf, we'll need to ask Ron
the other questions...

I find I can't add him as a CC, he's
Ron Short <short@sgi.com>. Can you???

sdathengmds01:~ # more /etc/samba/smb.conf

# Global parameters
       workgroup = NMCS
       netbios name = ENGSMB
       name resolve order = lmhosts host wins bcast
       interfaces =
       bind interfaces only = Yes
       security = ADS
       auth methods = winbind
       password server = dmcontroller2.nmcs.sdmengineering.com,
       #passwd program = /usr/bin/passwd %u
       #passwd chat = *ew*password:* %n\n *e-enter*new*password:* %n\n
       max log size = 500
       max xmit = 65535
       os level = 0
       preferred master = No
       local master = No
       domain master = No
       ldap ssl = no
       idmap uid = 15000-20000
       idmap gid = 15000-20000
       comment = %h (Samba %v)
       hosts allow = 162.49.57.
       hide dot files = No
       locking = No
       share modes = No

       path = /media/library
       read only = No
       directory mask = 0775
       #force group = +dmfwrite
       path = /media2/cam
       read only = No
       directory mask = 0775
       #force group = +dmfwrite

Comment 5 Volker Lendecke 2009-08-24 08:50:57 UTC
Probably he needs an account in bugzilla. But we can probably do it via you.

Comment 6 Volker Lendecke 2009-11-30 16:16:36 UTC
Any more info here?
Comment 7 Volker Lendecke 2010-02-07 11:17:22 UTC
No feedback, closing.