From: Krigler Pavol on
Hello,

I have installed CentOS 4.8 with Samba 3.0.33. After joining AD,
group permissions do not work. After the "net groupmap add..." command
nothing changed:

# getfacl TESTDIR/
# file: TESTDIR
# owner: root
# group: testgroup
user::rwx
group::rwx
other::---

user1 is in group "testgroup"

net groupmap list
testgroup (S-1-5-21-2207241064-1835560224-3992551478-2193) -> testgroup

I am not able to read from directory TESTDIR although user1 is a member
of "testgroup".

Here is my smb.conf:
[global]
workgroup = ad
server string = Intranet
netbios name = IS
follow symlinks=yes
dos filemode = yes
acl group control = yes
inherit permissions = no
nt acl support = yes
map acl inherit = yes
realm = AD.COMPANY.COM
server signing = auto
log file = /var/log/samba/%m.log
max log size = 50
security = ads
password server = 10.1.1.1
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain master = no
preferred master = no
dns proxy = no
template shell = /bin/false
winbind use default domain = yes
idmap backend = ad
idmap uid = 100-20000000
idmap gid = 100-20000000
winbind nss info = rfc2307
[share]
comment = Some share
path = /var/opt/share/
public = yes
writable = yes
create mask = 0664
directory mask = 0775
browseable = yes


Below are log level 10 debug messages:
======================================
[2010/07/03 16:59:50, 3] smbd/process.c:switch_message(932)
switch message SMBtrans2 (pid 4097) conn 0x8b67a28
[2010/07/03 16:59:50, 4] smbd/uid.c:change_to_user(183)
change_to_user: Skipping user change - already user
[2010/07/03 16:59:50, 3] smbd/trans2.c:call_trans2findfirst(1704)
call_trans2findfirst: dirtype = 16, maxentries = 1366,
close_after_first=0, close_if_end = 2 requires_resume_key = 4 level =
0x104, max_data_bytes = 16384
[2010/07/03 16:59:50, 5] smbd/filename.c:unix_convert(147)
unix_convert called on file "ip/dokumentacia/server/TESTDIR/*"
[2010/07/03 16:59:50, 10] smbd/statcache.c:stat_cache_lookup(215)
stat_cache_lookup: lookup failed for name
[IP/DOKUMENTACIA/SERVER/TESTDIR/*]
[2010/07/03 16:59:50, 10] smbd/statcache.c:stat_cache_lookup(248)
stat_cache_lookup: lookup succeeded for name
[IP/DOKUMENTACIA/SERVER/TESTDIR] -> [ip/dokumentacia/server/TESTDIR]
[2010/07/03 16:59:50, 5] smbd/filename.c:unix_convert(246)
unix_convert begin: name = ip/dokumentacia/server/TESTDIR/*, dirpath =
ip/dokumentacia/server/TESTDIR, start = *
[2010/07/03 16:59:50, 10] smbd/mangle_hash2.c:is_mangled(276)
is_mangled * ?
[2010/07/03 16:59:50, 10] smbd/mangle_hash2.c:is_mangled_component(215)
is_mangled_component * (len 1) ?
[2010/07/03 16:59:50, 5] smbd/trans2.c:call_trans2findfirst(1769)
dir=ip/dokumentacia/server/TESTDIR, mask = *
[2010/07/03 16:59:50, 5] smbd/dir.c:dptr_create(392)
dptr_create dir=ip/dokumentacia/server/TESTDIR
[2010/07/03 16:59:50, 5] smbd/dir.c:OpenDir(1079)
OpenDir: Can't open ip/dokumentacia/server/TESTDIR. Permission denied
[2010/07/03 16:59:50, 3] smbd/error.c:error_packet_set(106)
error packet at smbd/trans2.c(1833) cmd=50 (SMBtrans2)
NT_STATUS_ACCESS_DENIED
[2010/07/03 16:59:50, 5] lib/util.c:show_msg(506)
[2010/07/03 16:59:50, 5] lib/util.c:show_msg(516)
size=35
smb_com=0x32
smb_rcls=34
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51265
smb_tid=2
smb_pid=1744
smb_uid=103
smb_mid=10304
smt_wct=0
smb_bcc=0



Any help would be appreciated,

Krigler Pavol
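
A diagnostic for the symptom reported above (OpenDir "Permission denied" on a directory with mode group::rwx, other::---), added here as an example and not part of the original message or of Samba. It resolves a user's uid and group set through NSS on the server, then walks the share root and each path component to find the first directory whose mode bits deny that identity. The function names are hypothetical, and only the base owner/group/other bits are evaluated (the getfacl output above shows no extended ACL entries).

```python
import os
import pwd
import sys

def nss_identity(username):
    """Return (uid, gid set) as NSS on this host (winbind included) resolves them."""
    pw = pwd.getpwnam(username)
    return pw.pw_uid, set(os.getgrouplist(username, pw.pw_gid))

def class_bits(st, uid, gids):
    """Select the rwx triplet POSIX applies: owner first, then group, then other."""
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def first_denied(share_root, rel_path, uid, gids):
    """Return (path, reason) for the first directory the identity cannot pass, else None."""
    if uid == 0:
        return None  # root bypasses directory permission checks
    parts = [p for p in rel_path.split("/") if p]
    current = share_root
    for i in range(len(parts) + 1):
        if i:
            current = os.path.join(current, parts[i - 1])
        st = os.stat(current)
        # Intermediate directories need search (x); the listed one needs r+x.
        need = 5 if i == len(parts) else 1
        bits = class_bits(st, uid, gids)
        if bits & need != need:
            reason = "mode %o, owner gid %d %s the user's groups" % (
                st.st_mode & 0o777, st.st_gid,
                "is in" if st.st_gid in gids else "is NOT in")
            return current, reason
    return None

if __name__ == "__main__":
    # Run as root on the Samba host, e.g.:
    #   script.py user1 /var/opt/share/ ip/dokumentacia/server/TESTDIR
    user, root, rel = sys.argv[1:4]
    uid, gids = nss_identity(user)
    print("uid=%d gids=%s" % (uid, sorted(gids)))
    print(first_denied(root, rel, uid, gids) or "no denial from mode bits")
```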