samba AD group inconsistency
Hi all.
I just noticed a weird problem and I have been spending couple of days to find the issues. I have centos 5.8 with samba3x-3.5 connecting to AD. What i just noticed is that, certain users have groups that are not even assigned to them. At first I thought it was cache and tried restarting samba and winbind and it didnt work. Code:
[root@linux-box ~]# getent group Code:
[root@linux-box ~]# id eliza Code:
[root@linux-box ~]# id johnq Any pointers is appreciated. Thanks! |
Is there an overlap of gid (group identifiers (numbers)) on the host in /etc/groups and the UNIX attributes of the AD groups, they need to be unique.
Is the /etc/nsswitch.conf group entry set to "group file ldap"? |
Hi,
There's no overlap. However I just noticed that prior to that, users have access to multiple groups and when it was removed from AD, ldap seems to still have the cache around. Restarting samba winbind didnt do the trick. I went through samba docs and decided to add in the config Quote:
|
All times are GMT -5. The time now is 11:23 PM. |