[Samba] Windows group file permission problem
This is a discussion on [Samba] Windows group file permission problem within the Samba forums, part of the Networking and Network Related category; CentOS 3.5=20 samba3-3.0.20a-24 Security ADS I can't get windows group permissions on shares ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-19-2005
|
|||
|
|||
[Samba] Windows group file permission problem
CentOS 3.5=20
samba3-3.0.20a-24 Security ADS I can't get windows group permissions on shares to work except for = 'domain users'. The windows group I am trying to use is Unix.Samba. This = group does not exist on the linux box. It resolves correctly using = getent group and when I chgrp files to unix.samba, ls shows the group = ownership as Unix.Samba. getent group shows this group with the proper = members. From XP, I am logged in with an account in this group. But if I = try to access files, I get denied if the files aren't world = read/write.If I change the unix group on the file to 'Domain users' it = works. I noticed in swat if I look at status, my group is listed as = 'Domain Users'. I assume this is my default group. What am I doing wrong? Sorry about the long post.=20 Chuck smb.conf: [global] workgroup =3D XXX realm =3D CORP.XXXXXX.COM server string =3D ONMS-Samba security =3D ADS auth methods =3D winbind password server =3D XXXad6 username map =3D /etc/samba/smbusers log level =3D 10 syslog =3D 0 log file =3D /var/log/samba/%m.log max log size =3D 50 socket options =3D TCP_NODELAY SO_RCVBUF=3D8192 SO_SNDBUF=3D8192 load printers =3D No printcap name =3D CUPS disable spoolss =3D Yes show add printer wizard =3D No add user script =3D /usr/sbin/adduser -g winusers %U preferred master =3D No dns proxy =3D No ldap ssl =3D no idmap uid =3D 15000-35000 idmap gid =3D 15000-35000 template homedir =3D /home/win/%D/%U template shell =3D /bin/bash winbind use default domain =3D no winbind nested groups =3D Yes cups options =3D raw [test] comment =3D test Stuff path =3D /usr/local/samba valid users =3D @Unix.Samba read only =3D No ################################################## ####### winbindd log: [2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596) accepted socket 27 [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn INTERFACE_VERSION [2005/10/19 08:13:42, 3] = nsswitch/winbindd_misc.c:winbindd_interface_version(460) [ 0]: request interface version [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn WINBINDD_PRIV_PIPE_DIR [2005/10/19 08:13:42, 3] = nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(493) [ 0]: request location of privileged pipe [2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596) accepted socket 34 [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn DOMAIN_INFO [2005/10/19 08:13:42, 3] = nsswitch/winbindd_misc.c:winbindd_domain_info(355) [ 0]: domain_info [CORP.ACSALASKA.COM] [2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596) accepted socket 27 [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn INTERFACE_VERSION [2005/10/19 08:13:42, 3] = nsswitch/winbindd_misc.c:winbindd_interface_version(460) [ 0]: request interface version [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn WINBINDD_PRIV_PIPE_DIR [2005/10/19 08:13:42, 3] = nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(493) [ 0]: request location of privileged pipe [2005/10/19 08:13:42, 6] nsswitch/winbindd.c:new_connection(596) accepted socket 35 [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn GETPWNAM [2005/10/19 08:13:42, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336) [ 0]: getpwnam acs\acsxpeit$ [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(144) idmap_sid_to_uid: sid =3D = [S-1-5-21-335968984-468744214-619646970-18705] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-18705 of type 0x1 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243) internal_get_id_from_sid: ID_USERID fetching record = S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record UID 17095 -> = S-1-5-21-335968984-468744214-619646970-18705 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(151) idmap_sid_to_uid: uid =3D [17095] [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173) sid_to_gid: sid =3D [S-1-5-21-335968984-468744214-619646970-515] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-515 of type 0x2 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262) internal_get_id_from_sid: ID_GROUPID fetching record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record GID 15035 -> = S-1-5-21-335968984-468744214-619646970-515 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181) idmap_sid_to_gid: gid =3D [15035] [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn GETGROUPS [2005/10/19 08:13:42, 3] = nsswitch/winbindd_group.c:winbindd_getgroups(925) [ 0]: getgroups ACS\acsxpeit$ [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1555) Retrieving extra data length=3D44 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_store_request_data(1586) Storing request key lJbeM7.muEkc6j1e [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_async.c:getsidaliases_recv(782) getsidaliases return 0 SIDs [2005/10/19 08:13:42, 10] = nsswitch/winbindd_async.c:gettoken_recvaliases(1034) Expanding our own local groups [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_store_request_data(1586) Storing request key xIb0TsjuBWRMv_q- [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12293 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_async.c:getsidaliases_recv(782) getsidaliases return 0 SIDs [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173) sid_to_gid: sid =3D [S-1-5-21-335968984-468744214-619646970-515] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-515 of type 0x2 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262) internal_get_id_from_sid: ID_GROUPID fetching record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record GID 15035 -> = S-1-5-21-335968984-468744214-619646970-515 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181) idmap_sid_to_gid: gid =3D [15035] [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn GID_TO_SID [2005/10/19 08:13:42, 3] = nsswitch/winbindd_sid.c:winbindd_gid_to_sid(406) [ 0]: gid to sid 15035 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_gid_to_sid(124) idmap_gid_to_sid: gid =3D [15035] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_sid_from_id(283) db_get_sid_from_id: id_type_in =3D 0x32 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record GID 15035 -> = S-1-5-21-335968984-468744214-619646970-515 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-515 of type 0x2 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262) internal_get_id_from_sid: ID_GROUPID fetching record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn GETPWNAM [2005/10/19 08:13:42, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336) [ 0]: getpwnam acs\acsxpeit$ [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(144) idmap_sid_to_uid: sid =3D = [S-1-5-21-335968984-468744214-619646970-18705] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-18705 of type 0x1 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243) internal_get_id_from_sid: ID_USERID fetching record = S-1-5-21-335968984-468744214-619646970-18705 -> UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record UID 17095 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record UID 17095 -> = S-1-5-21-335968984-468744214-619646970-18705 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_uid(151) idmap_sid_to_uid: uid =3D [17095] [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(173) sid_to_gid: sid =3D [S-1-5-21-335968984-468744214-619646970-515] [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-515 of type 0x2 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262) internal_get_id_from_sid: ID_GROUPID fetching record = S-1-5-21-335968984-468744214-619646970-515 -> GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record GID 15035 [2005/10/19 08:13:42, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record GID 15035 -> = S-1-5-21-335968984-468744214-619646970-515 [2005/10/19 08:13:42, 10] sam/idmap_util.c:idmap_sid_to_gid(181) idmap_sid_to_gid: gid =3D [15035] [2005/10/19 08:13:43, 10] nsswitch/winbindd.c:process_request(325) process_request: request fn GETPWNAM [2005/10/19 08:13:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(336) [ 0]: getpwnam acs\zz.ccolht [2005/10/19 08:13:43, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:43, 10] = nsswitch/winbindd_cache.c:cache_retrieve_response(1533) Retrieving response for pid 12260 [2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_uid(144) idmap_sid_to_uid: sid =3D = [S-1-5-21-335968984-468744214-619646970-25093] [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-25093 of type 0x1 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-25093 -> UID 15335 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(243) internal_get_id_from_sid: ID_USERID fetching record = S-1-5-21-335968984-468744214-619646970-25093 -> UID 15335 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record UID 15335 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record UID 15335 -> = S-1-5-21-335968984-468744214-619646970-25093 [2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_uid(151) idmap_sid_to_uid: uid =3D [15335] [2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_gid(173) sid_to_gid: sid =3D [S-1-5-21-335968984-468744214-619646970-513] [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:db_get_id_from_sid(315) db_get_id_from_sid [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(221) internal_get_id_from_sid: fetching record = S-1-5-21-335968984-468744214-619646970-513 of type 0x2 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(228) internal_get_id_from_sid: record = S-1-5-21-335968984-468744214-619646970-513 -> GID 15000 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_id_from_sid(262) internal_get_id_from_sid: ID_GROUPID fetching record = S-1-5-21-335968984-468744214-619646970-513 -> GID 15000 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(190) internal_get_sid_from_id: fetching record GID 15000 [2005/10/19 08:13:43, 10] sam/idmap_tdb.c:internal_get_sid_from_id(196) internal_get_sid_from_id: fetching record GID 15000 -> = S-1-5-21-335968984-468744214-619646970-513 [2005/10/19 08:13:43, 10] sam/idmap_util.c:idmap_sid_to_gid(181) idmap_sid_to_gid: gid =3D [15000] ################################################## ################### =20 ************************************************** ***********************= ********** This transmittal may contain confidential information intended solely = for the addressee. If you are not the intended recipient, you are hereby notified that you have received this transmittal in error; any review, dissemination, distribution or copying of this transmittal is strictly prohibited. If you have received this communication in error, please = notify us immediately by reply or by telephone (collect at 907-564-1000) and = ask to speak with the message sender. In addition, please immediately delete = this message and all attachments. Thank you. ACS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
Linear Mode
