Problem related to ID_TYPE_BOTH -Need suggestion

Abhidnya S Joshi achirmul at
Fri Jul 19 02:18:22 MDT 2013

Hi Stefan,

I think that still wont solve issue during NFS access. Also even though 
Samba works fine with a user being treated as group while putting ACLs, 
with this every user will always be treated as group. I think this looks 
little odd.

Thanks and Regards

From:   "Stefan (metze) Metzmacher" <metze at>
To:     Abhidnya S Joshi/India/IBM at IBMIN, 
Cc:     samba-technical at
Date:   07/18/2013 05:51 PM
Subject:        Re: Problem related to ID_TYPE_BOTH  -Need suggestion

Hi Abhidnya,

> With this change, where user is getting set as group, file access 
> Samba works fine. But If we want to export same share with NFS then it 
> gives access denied for user testuser1 (This I tried on GPFS). This is 
> because while evaluating access, GPFS gets no ACE with user testuser1 
> its neither part of group testuser1 (as it was set by Samba). Also when 
> try to access file locally on GPFS as testuser1, it gets access denied. 
> The ACLs on file in GPFS look like
> group:VIRTUAL1\administrator:rwxc:allow
> group:VIRTUAL1\testuser1:rwxc:allow
> Thus I think ID_TYPE_BOTH support + sid_to_gid() call first will cause 
> problem with multi protocol environment.

I guess we need to fix pam_winbind or nss_winbind, so that the user gets
the correct
unix token also on the command line or via nss.


[attachment "signature.asc" deleted by Abhidnya S Joshi/India/IBM] 

More information about the samba-technical mailing list