[Samba] Windows File-Security Tab out of sync and wrong SID Mappings
with WINBIND 8-(
Petry Roman, ITS-IT
Roman.Petry at dillinger.biz
Tue Apr 15 08:50:41 GMT 2003
Hello, i just searched the archive, but had no luck with my problem. Perhaps
somebody could help me please.. We use Linux with ACL Kernel 2.4.17. EXT3
My samba 2.2.8a server shows different output in the Security Tab of Files
If i create a new file in linux and set the permissions with setfacl -m to
DOMAIN*GROUP testfile i see in the securty settings the following entrys
only those entrys with unix_group and no real names..
if i change the settings from windows 2k and add a new user to the list , it
(User) robert test (DOMAIN\testuser)
(Group) AD (DOMAIN\AD)
if i change the settings from nt 4.0 it changes to.
Why can´t i see real names ??
output of getfacl shows
getfacl: Removing leading '/' from absolute path names
# file: webserver/htdocs/fwb/testthomas
# owner: DOMAIN*TESTOWNER
# group: DH-COM*TESTGROUP
That´s one of my problems..
The second one is
If i select a new user and want to give hime some access from NT I select
the user from the user list and after ok I can´t see him in the list..
in the log.station i see only those entrys..
[2003/04/15 09:35:38, 3]
call_nt_transact_set_security_desc: file = test, sent 0x4
[2003/04/15 09:35:38, 3] smbd/uid.c:fetch_sid_from_uid_cache(591)
fetch sid from uid cache 10195 ->
[2003/04/15 09:35:38, 3] smbd/uid.c:fetch_sid_from_gid_cache(667)
fetch sid from gid cache 10361 ->
[2003/04/15 09:35:38, 0] smbd/posix_acls.c:create_canon_ace_lists(1018)
create_canon_ace_lists: unable to map SID
S-1-5-21-1558126179-1158248748-102967255-4646 to uid or gid.
[2003/04/15 09:35:38, 3] smbd/process.c:process_smb(846)
Transaction 474 of length 46
The unable to map error is very abnormal.. also this SID does not exist. It
should be the SID of the new USER or Group .. Why is there a wrong SID in
this List ?
Any hints for me ??
thanks in advance..
More information about the samba