|Main Archive Page > Month Archives > samba-users archives|
thanks, reinhard, apparently you are quite right--the development server
on which i performed the initial testing had a much more recent level of
operating system patches than did the deployent system. in our case, the
sun machines are ldap clients (specifically, of a sun 1 ldap server); it
is from this source that the secondary group information comes.
interestingly, while i was plunking around with this over the weekend i
noticed that by doing a "getent group > /var/tmp/groups_all" followed by
"cp /var/tmp/groups_all /etc/group" (ie, putting all of the unix group
information in the local /etc/group file), suddenly samba could see and
honor 2ndry groups as expected. admittedly, no substitute for a properly
patched o.s., but perhaps a suitable interim workaround for some other
desperate soul down the road.
> some years ago I had a similar problem with Solaris 9 and Samba 3.0.x.
> The reason was some sort of incompatibility between OpenLDAP's libldap
> and Sun's libsldap, can't remember the exact details. Anyway the
> behavior of Solaris 9 in honoring secondary groups was dependent on the
> patch level, and the whole issue was resolved with a patch from Sun.
> Are you sure that both servers are on the same patch level? Check
> /etc/release and the patches for LDAP on both systems, maybe you can
> find a difference that explains this behavior.
> kind regards,
> Joe Cammisa wrote:
>> samba-3.4.8 built under solaris_10 (--with-krb5=/sr/local/lib --with-ads
>> --with-ldap); on my test server it runs flawlessly; however on the
>> production server, there is a big exception: users' secondary group
>> memberships are not honored.
>> again, same samba version, built against the same libraries in the same
>> way with the same config file in both cases. any one with an idea how i
>> might make this work? many thanks in advance!!
-- Joe Cammisa Networking & Systems College Information Resources Haverford College phone: 1-610-896-4239 email: firstname.lastname@example.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba