[Samba] Winbind + ext3 ACLs
Sean Kennedy
skennedy at tpno.org
Thu Jul 29 21:06:12 GMT 2004
Hi folks,
For the longest time, I've had a problem changing or modifying ACLs from
my window clients. Whenever I tried, I'd get this in the logs:
[2004/07/29 12:36:26, 0] smbd/posix_acls.c:create_canon_ace_lists(823)
create_canon_ace_lists: unable to map SID
S-1-5-21-1292428093-651377827-xxxxxxxxx-1333 to uid or gid.
I could change the ACLs using getfacl/setfacl, btw.
After a little investigation, I think I've found the problem. I'm using
winbind here, but I'm using this option:
winbind use default domain = yes
Which, for the sake of completeness, strips out domain info out of the
username. So instead of `BOCA/skennedy`, it comes out as `skennedy`.
This is where I think my problem is. Using wbinfo, I resolved that SID
to BOCA/skennedy, who happens to be a completely different user name.
My question is this: Does my logic seem correct to everyone else? Is
there anything else I should be looking at? Further, does anybody have
a solution to this problem? This server is also a web/email server for
the intranet, and I am trying to avoid setting up a new server ( we have
4 going already, mainly for window crap ) if at all possible.
Any help is greatly apprecaited.
Sean
More information about the samba
mailing list