Samba 4.0 ntacl sysvolcheck

Gémes Géza geza at
Sat Dec 29 23:47:31 MST 2012

2012-12-30 00:02 keltezéssel, Andrew Bartlett írta:
> On Sat, 2012-12-29 at 17:21 +0100, Gémes Géza wrote:
>> Hi,
>> Today I've (finally) upgraded our production DCs from rc3 to 4.0 and
>> hoping to fix some sysvol acls run samba-tool ntacl sysvolreset on them
>> (which went fine, without errors), and after that a ntacl sysvolcheck
>> which produced (on both DCs):
>> I've added acl:search = false to the smb.conf, have log level = 0 and
>> using a bind dlz backend the rest is at the default values.
>> The domain was created by a classicupgrade at beta8 then upgraded to
>> various rc levels (the last one being rc3) from which today it was
>> upgraded to 4.0 final.
>> Please tell me if you need more detail.
> I'm aware of this known issue on classicupgrade domains, but please file
> a bug so we can track getting this fixed (if possible).  The issue is
> that we do not have a way to map 'domain admins' to a UID, so we punt
> and make the file owned by 'administrator' instead.  I thought I had a
> way to force the owner to be falsely reported to clients and 'samba-tool
> ntacl sysvolcheck', but this seems not to be working.
> Andrew Bartlett

Submitted it as Bug 9524 <>


Geza Gemes


More information about the samba-technical mailing list