[RHEL5.4] Problem with valid users in samba

[wodel]

Hi,

I have a Samba PDC, configured with Zimbra.
I have a problem with a share access, I have two posix group, Alpha and Beta, and three users, user1 and user2 in Alpha, user3 in Beta, I have also add the user2 to the Beta group.

this is a section of my smb.conf describing a share with a valid users section
[Sales]
comment = Sales
path = /home/sales
read only = No
valid users = @Beta
create mode = 0660
directory mode = 0770

sometimes, only the user3 could access the share, some other times, every one could access the share, there is no respect of ACL.

[ocx]

hi, i have a problem with machines joining domain.

There are 3 things that can happen

1. Error with remote procedure call, no posix account added, no samba account added for machine
2. RPC error again, posix account added, sambaSAM not added.
3. User not found/rpc error/login failed, but machine account added


in any of the cases the way to go is to continue trying join a domain, entering login/pw 2-3 times, then it will join.

If there is existing machine account in LDAP already, usually it joins from 1-st time, or 100% joins from 2nd time after.

an extract from samba log
[2011/06/08 11:36:01.427257, 2] smbd/sesssetup.c:1391(setup_new_vc_session) - Pastebin.com
The line that always appears in log during those fail tries: _netr_ServerAuthenticate3: no challenge sent to client TEST-XP

add machine from smb.conf:

Code:

        ;add machine script = /usr/sbin/useradd  -c Machine -M -s /bin/false %m$
        add machine script = /usr/sbin/smbldap-useradd -t 25 -c "Domain Computer" -w "%m"

also tried cleaning nscd cache, no luck. Stopped nscd at all, for test purposes, no luck.


Running 8.0 built from trunk, on debian6 x86_64
Samba from debian repo:
# smbd -V
Version 3.5.6

libpam and libnss installed and configured. Checked LDAP logs, no criminal, machine is being checked at ou=machines


Any ideas how to fix this?