[Samba] Samba 3.0.4 acl problem

Prajjwal prajjwal at wlink.com.np
Fri Jun 25 11:45:34 GMT 2004

Hi list

I have a strange problem with my Samba 3.04 server running on redhat 9 
with 2.4.24 kernel (with acl patch from acl.bestbits.at applied to it). 
  Acls are working fine on my system, and my server is working fine as a 
Samba PDC (or so it seems).

I can view and modify any permissions on the existing files that are 
being shared.  If setfacl has been used to grant additional users 
permissions, then those users are also displayed, and their permissions 
can also be set.

However, if I try to add any new users to the acl, a dialog box pops up, 
asking me to provide it with the username and password of a user with 
permissions to modify on my domain, and when I supply the username and 
password, the dialog responds that multiple connections to the shared 
resource are not allowed, and it asks me to close all other connections 
before trying again.

I've been baffled by the problem for quite a while, and am googling the 
net for an answer, but I haven't found a solution yet.  The strange 
thing is that when the user list is displayed in the acl select dialog, 
I get several weird lines in my samba machine log file.

I'm including the log lines with this letter.

I hope you can help me.


Prajjwal Devkota

Strange log lines:

%m.log lines:
A. domain sid conflicts?

log lines:
   init_sam_user_info_21A: User root has Primary Group SID S-1-5-32-544,
   which conflicts with the domain sid 
S-1-5-21-2006529868-80066561-100632871.  Failing operation.

B. strange gid problem

log lines:
   get_alias_user_groups: gid of user sam doesn't exist. Check your 
/etc/passwd and /etc/group files

but when I type the following command at the shell, I get a normal output:
id sam
uid=501(sam) gid=100(users) groups=100(users)

C. additional information:
net groupmap list
System Operators (S-1-5-32-549) -> daemon
Replicators (S-1-5-32-552) -> kmem
Guests (S-1-5-32-546) -> nobody
Domain Guests (S-1-5-21-2006529868-80066561-100632871-514) -> nobody
Domain Admins (S-1-5-21-2006529868-80066561-100632871-512) -> root
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> wheel
Account Operators (S-1-5-32-548) -> wheel
Domain Users (S-1-5-21-2006529868-80066561-100632871-513) -> users
Backup Operators (S-1-5-32-551) -> bin
Users (S-1-5-32-545) -> users

More information about the samba mailing list