[Samba] Another Samba+ACLs thread
David Pullman
dpullman at cme.nist.gov
Wed Nov 27 03:47:00 GMT 2002
Andrew Furey wrote:
>>> The problem arises when I try to change them from W2k. It silently
>>> fails (from 2k's point of view), but in the log files I see
>>> something like "unable to map SID [blah] to uid or gid".
>>
> >
>
>> Is the win2k user the owner (in the unix sense) of the file. ?
>>
>> Even though you have ACL's only the owner or root can actually change
>> them.
>
>
> Via username mapping, yes (we're a member server in a 2k mixed domain,
> but that side of things seems to be working).
>
> On further investigation, it appears that I _can_ modify existing
> ACLs, and I can even remove them (users, at least); but I can't add
> users to the ACL, which is what I really need.
>
Andrew,
It may be that my post yesterday is about the same issue. I've noted
that according to the log.nmbd that I have the same error. I can edit
the perms on acl entries, or delete an acl entry, but cannot add a user
to a list from the w2k side (I can of course use setfacl from the unix
clients of the file server or on the server itself).
My tests also were done as the owner of the file. In fact, our NT
domain and NIS passwd have identical user names. It just can't
determine the uid of the user from the machine SID+RID.
Dave
More information about the samba
mailing list