Setting ACLs when creating files from Windows
Kai Blin
kai at samba.org
Thu Aug 7 13:41:48 GMT 2008
On Thursday 07 August 2008 13:48:13 simo wrote:
> To be honest, windows machines can store in the file system just any SID
> handled to them, but they will never do any mapping server side.
> So if you take 2 windows client and try to set the SID of user Foo on
> client 1 on client 2, user Foo of client 2 will not actually be able to
> access the resource, as the SID will not match.
So basically this would work in Samba4? As far as I understand, the limitation
is that S3 requires foreign SIDs to map to a user, and as the servers are
running standalone, winbind is not used for uid<->sid mapping.
Samba4 currently maps whatever SID to a unix uid if it needs to pass it to
something that only understands uids/gids, always making use of winbind for
this mapping. This sounds like what Windows is doing, just that we need to do
the sid<->uid step to keep POSIX filesystems happy.
Cheers,
Kai
--
Kai Blin
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
--
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba-technical/attachments/20080807/b4f8b6cc/attachment.bin
More information about the samba-technical
mailing list