It's not possible to get access to a share or a directory through Samba with a windows client if you have several NIS groups all with the same gid number. We are using Samba in a real big NIS environment with several thounds of users. Due to some Unix limitations, maximum users per group. We created several groups all with the same gid number. For example: group;2200;user1,user2,user3,,,,,, etc group_1;2200;user50,user51,,,,,, etc ... group_100;2200;userXX,,,, Since we try to open our Unix repositories as wel to windows clients, we are facing that user which are members of "group_1" or above can't get access to the shares or directories. It sounds for me that the issue is caused internally in samba. I think you check only on the group name and not on the GID number of the group. Thanks for helping me solving this issue. Richard
Due to the fact that we are a big company with a lot of users. We would like to migrate NIS into AD, and we will do, but during the migration of 30 NIS domains we have to find a solution. Best regards Richard
no handling groups by name is not possible. You need to search for a solution outside of Samba if you have double UIDs/GIDs. If you are a big company you might want to get support from a commercial company here: http://www.samba.org/samba/support/
(In reply to comment #2) > no handling groups by name is not possible. You need to search for a solution > outside of Samba if you have double UIDs/GIDs. If you are a big company you > might want to get support from a commercial company here: > http://www.samba.org/samba/support/ Hello, the question is why is samba not working with several NIS groups all with the same groupnumber? If you create several groups in your local /etc/group all with the same gid then it's working !!! Can you give me an answer on this?
the question is why is samba not working with several NIS groups all with the same groupnumber? If you create several groups in your local /etc/group all with the same gid then it's working !!! Can you give me an answer on this?
Björn, can you confirm that this is not a showstopper for 3.4.10?
ack, no show stopper, multiple groups with same uid number results in undefined behaviour and is not supported at all.