[Samba] Samba / W2K Domain / ACLs

Goetz Rieger goetz.rieger at suse.de
Fri Feb 22 05:19:02 GMT 2002

Hello List,

I have compiled and setup samba 2.2.3a with-acl-support on a s390 as a
member in a W2K domain (security = domain, password server = ... etc.).
Kernel and ext2 is patched with the bestbits acl patches, the users are in
the /etc/passwd.

Everything works fine: 
-File acls can be set and modified with the setfacl/getfacl tools as well
as through the W2K security dialog.

Except one:
-When I try to add a new (domain account) user to the file acl through the
W2K dialog box, I get the famous: create_canon_ace_lists: unable to map
SID <SID> to uid or gid.

I think the reason is that the name of the domain user account is like
"domain/username" and the accounts on the samba box are showed in the
dialog box like "sambaserver/username".

I know this is a known problem. Is there some kind of workaround without
using winbindd?

Best Regards,

More information about the samba mailing list