Bug 7539 - NT ownership/perms problem using SMB server
NT ownership/perms problem using SMB server
Product: Red Hat Linux
Classification: Retired
Component: samba (Show other bugs)
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
Depends On:
  Show dependency treegraph
Reported: 1999-12-03 09:40 EST by zbeckman
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-05-07 15:11:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description zbeckman 1999-12-03 09:40:24 EST
We just installed RH 6.1 on our file server (from scratch, not na
upgrade). We configured it to continue providing domain controller
services (via SMB) to our network of '95 and 'NT machines. We were able to
preserve our existing smb.conf file, with only a couple of minor updates.

After the initial configuration problems (e.g. each 'NT machine "forgot"
that it was in the domain and had to be re-added), most services work
fine. We are able to share files, authenticate/login from the 'NT
machines, etc.

HOWEVER, there is one horrible problem that we have been unable to solve.
There seems to be a problem with user permissions or group membership;
it's not clear which. The symptom is that every time a user logs in, the
'NT machine creates a _new account_ for the user, as if they had never
logged in before. FURTHERMORE, once logged in, the user is unable to make
any changes to the local machine settings; it seems that any preference
changes result in an access denial of some kind. For instance, trying to
change desktop preferences doesn't work; trying to change system settings
(such as keyboard or date) results in an access denial message. This poses
a serious problem, since user's are unable to save any information about

I have tried, as an experiment, download the head branch of SAMBA. This
never (alpha 2.1) version seems to behave much the same way, although
there are some additional services available (e.g. under 2.1 a user can
actually browse the group membership lists, etc.; while under the version
that comes with RH 6.1 such browsing is not supported). Both versions
demonstrate the "lack of access rights" problem described above.

I'm hoping this is a configuration error--perhaps some new settings that
we need to implement since the upgrade. If anyone can help, please do!
Otherwise, I hope it gets filed as a priority bug...

Zacharias J. Beckman
Comment 1 Bill Nottingham 1999-12-06 12:18:59 EST
Are you using encrypted passwords?

------- Email Received From  "Zacharias J. Beckman" <zbeckman@creativesun.com> 12/06/99 12:35 -------
Comment 2 Bill Nottingham 1999-12-08 18:21:59 EST
Hmm... while we're still looking at this, you may want
to try the samba-2.0.6 packages from Raw Hide. Looking
at the changelog, however, there doesn't seem to be anything
in particular that would relate to this.
Comment 3 Andrew Bartlett 2000-11-19 16:59:39 EST
A few comments on the original question:

The NT Machines only know they are a member of the domain by the servers
/etc/MACHINE.SID file, the upgrade probably changed this.

Regarding PDC support try Samba 2.0.7, and read the documents at
http://bioserve.biochem.latrobe.edu.au/samba/ or look at
http://www.samab-tng.org for Samba TNG, an attempt to get full PDC support for
samba.  Finally the original Samba team are attempting to get better PDC support
too, see http://www.samba.org for details.
Comment 4 Henri Schlereth 2001-01-21 08:49:10 EST
Does this problem still exist? Has any resolution been found?
Comment 5 Trond Eivind Glomsrxd 2001-06-18 11:42:11 EDT
No feedback, so I assume it's fixed. Reopen with more information if it isn't.

Note You need to log in before you can comment on or make changes to this bug.