[Samba] AD Domain Member with SFU

Dan Am samba at lonx.net
Thu Jun 30 12:25:34 GMT 2005

Hello all,

we have joind Samba 3.0.9 to an AD-Domain which is running AD. All is
working fine, acces to shares is granted, files are created, deleted.
When we start off with assigning ACL's though, they just get ignored, and
the User vanishes from the access list in the share manager.
Server is Windows 2003, Client is XP Pro. Here is the error we get:

Jun 30 13:56:05 w01abnfs07 smbd[17006]:   create_canon_ace_lists: unable
to map SID S-1-5-21-1291875906-2546917919-626822916-1122 to uid or gid.
(I googled that one, nothing particularly related...)

The whole thing seems odd, since Samba has already mapped SID to UID, when
the files were initially created, not so ?

I tried upgrading to 3.0.14 and 3.0.20, but no change, only different
error-messages in 3.0.20

Any clues ?



        workgroup = WORKSHOP
        realm = WORKSHOP.LOCAL
        netbios name = WORKSHOP-FS
        security = ADS
        password server = tasv01.workshop.local
        #passdb backend = tdbsam
        username map = /etc/samba/smbusers
        log level = 3 passdb:5 auth:10

        # desperate tries:
        force unknown acl user = yes
        map acl inherit = yes

        path = /data/software-depot
        read only = No

        comment = Home Drives
        #path = /home/%s
        #write list = pawisda2
        read only = No
        browseable = No
        valid users = %S

More information about the samba mailing list