Ubuntu 14.04 Samba Write List Permission Only Works With Primary Group After Upgrade From 12.04 – Secondary Groups Not Working

For example. User “user1”, has a primary group of “main-users”, and secondary group of “managers”. When “user1” tries to access a Samba folder(s) with “write list = @main-users” (their primary group) the permissions are applied properly and access granted, but when “user1” tries to access a Samba folder with “write list = @managers” (their secondary group) the folder(s) can not be accessed.

01. You need to delete and then recreate the group(s) in Samba. This does not delete any group(s) from OpenLDAP or Linux permissions, only Samba.

I found the easy way to do this was through webmin ( https://localhost:10000/ ).
Servers->Samba Windows File Sharing->Samba Users-Samba Groups

02. After making the necessary changes on the server side, have the user(s) reboot their systems in order for the changes to take effect.

I believe the issue is caused due to a possible de-linking of the OpenLDAP/Linux SIDs in Samba; recreating the groups in Samba re-links them to the correct domain group.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s