validating owner sids

Guenther Deschner gd at
Wed Jun 23 07:41:30 GMT 2004


sorry for the self-repy.

Maybe I describe my problem with the current code-path a little further,
since noone took care of it yet:

I have a large number of NT4-Fileservers that have to be migrated to samba
file-servers. On those NT4-servers, some files and directories are owned
by valid domain-users. Those files (including their acls) are nicely
migrated by scopy.exe. So far, so good. 

But: on those NT4-servers most files and directories are owned just by the
local Admnistrators-group (rather difficult to map onto posix
file-semantics). When now scopy.exe (the tool my customer has to use for
various reasons) starts to copy files and directories to the samba-servers
and then tries to migrate permissions and acls, set_nt_acl is called.
set_nt_acl currently always returns False, as soon as it cannot map the
owner-security-information to a valid unix-uid. scopy then stops copying
that file (it remains crippled then with the size of zero and without any
acl-information copied) and continues with the next file.

This is bad, IMHO. 

So why can't we just make the ACL_FORCE_UNMAPPABLE-condition reaccessible
via lp_force_unkown_acl_user as it was implemented for a while in
samba-2.2 ? It solves the problem in the best possible way by assigning
the current's user uid/gid to the file.


Guenther Deschner,  SerNet Service Network GmbH
Phone: +49-(0)551-370000-0,  Fax: +49-(0)551-370000-9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the samba-technical mailing list