HI Rockstor Team,
i have added my Rockstor to an Active Directory Domain (Join was successful).
In users and groups, I see all items from AD (Users, Groups and Computeraccounts).
I have created a share, set permissions to share (owner and group from AD), permission 777.
In samba I added this share and tried to access the UNC path – so far so good.
I´m also able to set permissions with owner.
But as soon as I try to access the samba share with another user from same domain, who is member of the group, the user is not able to access this share.
If I enable access for everyone the user can access, but not if I add only the group.
I have verified the Kerberos token of the user (klist and verified group membership with whoami /all), and I see the correct Kerberos token for the server (cifs/fqdn@domain name, keytype: AES-256-CTS-HMAC-SHA1-96).
DC is a Windows Server 2022.
May you have an idea what´s going wrong, or maybe how to debug this issue.
Many thanks
Chris