[Samba] create_canon_ace_lists: unable to map SID
Mac
mac at nibsc.ac.uk
Fri Apr 23 10:59:54 GMT 2004
Hi all,
I'm trying to get a Samba server (which is a member of a Samba
controlled domain) to store WinXP Pro user's profiles. The XP user
is authenticating against a 2003 Active Directory server, which then tells
it to store it's profile on my Samba server.
The 'profiles' share exists and is writeable and under some circumstances
we can get profiles to be stored there, however, most times we get:-
[2004/04/23 10:22:32, 0] smbd/posix_acls.c:create_canon_ace_lists(1380)
create_canon_ace_lists: unable to map SID S-1-5-21-973294077-3660535-3933214913-1177 to uid or gid.
in the samba log files accompanied by an error message on the client.
This is with Samba 3.0.2a on Solaris 9 (the Samba DC is 2.2.8a on IRIX)
The searching I've done so far suggests that I might be able to workaround this with:-
nt acl support = no
but I can't find that in Samba 3.x doco? Has it been retired?
My gut feeling is that the Samba server (or possibly the DC) needs to know
what the user's SID is. But (since it's not joined to the AD) it doesn't, and
attempts at autogenerating one will fail to match. Is this close?
Mac
Assistant Systems Adminstrator @nibsc.ac.uk
dmccann at nibsc.ac.uk
Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime)
More information about the samba
mailing list