[Samba] Possible to map root to group via winbind?

Graham Dunn gdunn at inscriber.com
Thu Oct 28 21:06:17 GMT 2004

samba 3.0.7, freebsd 5.2.1

My /usr/local/etc/samba-user.map looks like

root = DEV.grahamd

I would like to modify the ACLs on a directory that look like so:

drwxrwx---  2 root  Domain Admins  512 Oct 28 16:41 test2/

(if I chown the directory to my DEV.grahamd account, I can change ACLs 
to my heart's content)

I'm operating under the assumption that only root, or the owner of a 
file can change it's ACLs through windows explorer (at least, that way 
always works in this case).

What I'd like to know is if it's possible to use the username map 
parameter to map root to a user (or group) that is resolved via winbind.

I'm missing something but not sure what ...

        workgroup = DEV
        server string = Samba File Server %v
        security = DOMAIN
        password server = omega
        username map = /usr/local/etc/samba-user.map
        log level = 1
        log file = /var/log/log.%m
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=65535 SO_SNDBUF=65535
        ldap ssl = no
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind separator = .
        winbind enum users = No
        winbind enum groups = No
        winbind use default domain = Yes

        comment = Home Directories
        read only = No
        browseable = No

        comment = Archive
        path = /mnt/test/public
        read only = No
        force create mode = 0664
        force directory mode = 0775
        map system = Yes
        map hidden = Yes

More information about the samba mailing list