Hi List
Anyone ever had to do with a Domain integrated samba? (otherwise just delete this mail :))
I got a bit a strange issue:
I have a w2k3 ADS with Server for Unix (schema-extension so that UID, Homedir and loginshell can be hold within the ADS), have a Linux Box integrated into ADS (fully integrated, LDAP & Kerberos5, no winbind needed)
The domain users are visible via 'getent passwd/group', the users can login and have the right memberships. Everything is fine, user can access files which have the appropriate rights on group (root:"Domain Users", rwxrwx---)
When a file is owned by the domain user itself samba lets me do whatever i want to do.
But, when the shared directory is owned by someone other, but the domainuser should have access through the group permissions, nothing works anymore and i get a NT_ACCESS_DENIED
A bit testing showed that files on the samba can only be accessed when the file is owned by the appropriate user, but not else (neither Group nor World accessrights seems to work)
After spending hours with google i feel quite alone :)
Did someone else ever had issues with domain-joined samba and group-access?
Cheers Josh