AD Integration issue...

Kedgar
Contributor

Hello,

Kind of caught off-guard from this morning's news. Makes me happy that we
just bought three xserves with a lot of Vtrak storage <--sarcasm

Anyway, the new 10.6 servers are bound to AD and joined to the kerb realm.
Setup was a dream and everything seemed to be working great... Until I started
testing with users. I have a share which I have given ACL permissions to a
group from Active Directory. Joe User who is a member of this group is
unable to connect to the share. "Connection failed There are no shares
available or you are not allowed to access them on the server
"constellation". Please contact your system administrator to resolve the
problem"

So in troubleshooting, I added myself to the AD group in question... And get
the correct permissions to the share I had set up. I am not using any SACL's
on file sharing. When I look at the account and group using dscl, group
membership looks perfectly fine. I can also see the correct groups when
querying the directory cache. However the weird thing is that using the
'id' command returns different groups. It returns only the domain users
group along with some groups that are nested for domain users.

Has anyone come across this before? Any suggestions? I brought this up to
our Windows engineer this morning... So I'm sure I'll be digging into it with
him later today or next week.

Thanks guys,
Ken Edgar

1 REPLY

Kedgar
Contributor

Hi guys,

What I have found is when I perform a lookup of a user using "id" it only
returns the Domain Users group as well as the groups nested within
Domain Users. All other security groups are not shown. If I perform an id
lookup against an admin user, I see the proper group membership. Not sure
if this is the cause or not, but setting the permissions per Steve's note
below did not help. It seems like my Apple machines are unable to figure
out the proper group membership.

Thanks,