[Samba] Update -- Username to SID translation on Security Tab

Buchan Milne bgmilne at cae.co.za
Tue Aug 13 05:49:00 GMT 2002

Oops, I missed that.

I only have access to one production winbind box, and it's at a client, 
and it doesn't really do much file serving (it mainly does mail).

Set debug level to somewhere between 3 and 5, and then check the logs 
that apply to the connection. I found errors not being able to map the 
SID to a uid, thus it couldn't apply an ACL.

This, AFAIK, is *supposed* to work.


James S. Martin wrote:
> The strange thing is that I am running winbind.  The samba server 
> belongs to a Windows 2000 domain.
> James
> Buchan Milne wrote:
>> This is due to samba not correclty looking up SIDs of the domain. I 
>> see the same on a samba member server of a samba domain.
>> At least in your situation you can fix it, by running winbind, whereas 
>> I have no recourse, except possible to make all member servers use 
>> LDAP and security=user .... who knows.
>>> Message: 17
>>> Date: Mon, 12 Aug 2002 11:47:38 -0400
>>> From: "James S. Martin" <james.martin at digex.com>
>>> To: samba at lists.samba.org
>>> Subject: [Samba] Update -- Username to SID translation on Security Tab
>>> Below is a message I sent out on Friday..  I've noticed something 
>>> even stranger now-- if I attempt to remove the SID from the 
>>> permissions window and hit "Apply" it dissappears for a moment and 
>>> comes right back.   Also, If I remove it, then manually add myself to 
>>> the permissions file, it shows up fine, but after I hit Apply, it 
>>> goes back to the SID.   So I have two problems here, the Samba server 
>>> doesn't seem to be translating the SID to domain username(but doesn't 
>>> have a problem with the groups), and it also is not letting me change 
>>> the permissions on a file which I own.  Any ideas?
>>> James
>>> _____________________________________________
>>> I'm running Samba/Winbind 2.2.5.  I have the box joined into my NT 
>>> Domain and everything is peachy.  I copied a file from my Windows box 
>>> to the Samba and then clicked on properties and checked the 
>>> permissions. First off, it took a while to retrieve the permissions, 
>>> secondly the last name on the list was something like 
>>> S1-2343-23423232-81238912389, which I believe is a SID.  Now I logged 
>>> onto the box with a domain account that the Samba server belongs to.  
>>> Why isn't the permission list for that file mapping to the username 
>>> of the account I logged in as? Why is it using the SID?
>>> Thanks,
>>> James

|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7

More information about the samba mailing list