[Samba]SOLVED - idmap_rid / roaming profile permissions /
sk at isc.tuc.gr
Thu Sep 1 08:27:19 GMT 2005
I solved the problem with my roaming profiles by just changing from
case sensitive = yes
case sensitive = auto
No permissions change, no nothing.
Stefanos Karasavvidis wrote:
> I'm struggling with roaming profile permissions as I can not "see" the
> NT AUTHORITY\SYSTEM account.
> I have:
> -samba file server with acl 3.0.14a
> -authentication with winbind and idmap_rid against Windows 2003 ADS
> -using "default domain" in smb.conf for winbind
> The roaming profile directories are on the samba machine under the users
> home directory. As noted on several sites, the profile directory must
> have the following permissions:
> owner full control (this is ok)
> SYSTEM (S-1-5-18) full control (here is the problem)
> I can't add the permissions for the system account, as it is "not seen"
> from samba. The result is that roaming profile do not work
> I get the following output with wbinfo
> wbinfo -s "S-1-5-18"
> NT AUTHORITY\SYSTEM 5
> wbinfo -n "NT AUTHORITY\SYSTEM"
> S-1-5-18 Well-known Group (5)
> wbinfo -Y "S-1-5-18"
> Could not convert sid S-1-5-18 to gid <--------
> wbinfo -S "S-1-5-18"
> Could not convert sid S-1-5-18 to uid <--------
> I tried to fix it with net groupmap, but it did not work (maybe I miss
> So the question is: how do I set permissions for the SYSTEM account???
Electronic & Computer Engineer, M.Eng.
e-mail : sk at isc.tuc.gr
Technical University of Crete, Campus
Information Systems Center
Address: Akrotiri, Chania, 73100
Tel.: Library Buildings
(+30) 28210 37352, (+30) 28210 37355, (+30) 28210 37376
Environmental Engineering Buildings
(+30) 28210 37766
Fax: (+30) 28210 37571
More information about the samba