I have been testing on a SLES 11 SP2 server trying to understand how SAMBA works but I just dont get it. I have been reading multiple books as well as looking through the internet and I am thinking I am doing things right but groups just aren't working for me.

I am setting up SAMBA to run as a PDC with LDAP. I set up some shares with different rights per Groups and it appears that SAMBA is only looking at the primary group set with chgrp. I made several users and added them to samba via YAST and they show up in SAMBA but if the users primary group does not match the directories group, it doesn't let me change rights via SAMBA share options.

I did check to make sure that the LDAP server by running some commands which I can't remember off hand - that did respond that users were authenticating against LDAP.

My questions are:
Does SAMBA look at the LDAP groups or are the LDAP and unix groups supposed to be mapped together?

What are the Free or relatively low cost programs out there that will help me do LDAP and SAMBA management? (I looked at the LAM program but it costs to allow SLES deal with groups)

Any help would appreciated,
Heinzk1