Bug 9287 - Samba-3.6.5 "force group = domain\group" parameter results in group to faulty GID(always 1008)
Summary: Samba-3.6.5 "force group = domain\group" parameter results in group to fault...
Status: RESOLVED INVALID
Alias: None
Product: Samba 3.6
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.6.5
Hardware: All All
: P5 normal
Target Milestone: ---
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-10-13 16:56 UTC by jinyunshuai
Modified: 2012-10-13 17:30 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description jinyunshuai 2012-10-13 16:56:29 UTC
Note:sau1 is a normal AD user from asmb.test, but it is not a member of group
"asmb\sag1", the machine joined to asmb.test domain. asmb\sag1'gid is 10001

Edit smb.conf, then set "force group = +asmb\sag1" for samba share named
samba-test
=====================================================================
[samba-test]
path = /samba-test
public = yes
force create mode = 0775
force directory mode = 0775
force group = asmb\sag1
writable = yes
=====================================================================

3. Access samba share via "sbu1",and create a directory named "test"
=====================================================================
[root@rhel57v3 samba]# smbclient -U 'lovesmb\sbu1'%'pas$word'
//10.100.60.34/samba-test

smb: \> mkdir test
=====================================================================

4. Go to "samba-test", check the directory' attribute which is created in
step#3 
=====================================================================
[root@rhel57v3 samba-test]# ls -al
total 32
drwxrwxrwx  4 root root 4096 Oct 11 13:43 .
drwxr-xr-x 26 root root 4096 Oct 11 13:40 ..
drwxrwxr-x  2 sac2 sag1 4096 Oct 11 13:43 samba
drwxrwxr-x  2 sbu1 1008 4096 Oct 11 13:42 test  <-------This is unexpected,
directory's group should be "sag1",not 1008.
Comment 1 jinyunshuai 2012-10-13 17:18:49 UTC
(In reply to comment #0)
> Note:sau1 is a normal AD user from asmb.test, but it is not a member of group
> "asmb\sag1", the machine joined to asmb.test domain. asmb\sag1'gid is 10001
> Edit smb.conf, then set "force group = +asmb\sag1" for samba share named
> samba-test
> =====================================================================
> [samba-test]
> path = /samba-test
> public = yes
> force create mode = 0775
> force directory mode = 0775
> force group = asmb\sag1
> writable = yes
> =====================================================================
> 3. Access samba share via "sbu1",and create a directory named "test"
> =====================================================================
> [root@rhel57v3 samba]# smbclient -U 'lovesmb\sbu1'%'pas$word'
> //10.100.60.34/samba-test
> smb: \> mkdir test
> =====================================================================
> 4. Go to "samba-test", check the directory' attribute which is created in
> step#3 
> =====================================================================
> [root@rhel57v3 samba-test]# ls -al
> total 32
> drwxrwxrwx  4 root root 4096 Oct 11 13:43 .
> drwxr-xr-x 26 root root 4096 Oct 11 13:40 ..
> drwxrwxr-x  2 sac2 sag1 4096 Oct 11 13:43 samba
> drwxrwxr-x  2 sbu1 1008 4096 Oct 11 13:42 test  <-------This is unexpected,
> directory's group should be "sag1",not 1008.

tiny change step 3, we use "sau1" to access samba share not "sbu1"

as:

Access samba share via "sau1",and create a directory named "test"
[root@rhel57v3 samba]# smbclient -U sab1%password //10.100.60.34/samba-test
 smb: \> mkdir test
Comment 2 jinyunshuai 2012-10-13 17:27:41 UTC

*** This bug has been marked as a duplicate of bug 9288 ***