[Samba] acl problem
stefanke at micodat.com
stefanke at micodat.com
Wed Sep 28 09:16:25 GMT 2005
Hi all,
I habe a strange Problem with Samba 3.0.20-SUSE-SERNET (ad memberserver). Everytime I try to access a file/directory with user-acls via a XP box I get access denied! The group-acls works. On W2K and NT4 Clients there is no problem like this.
client output
-------------------------------------------------
fetch sid from uid cache 11147 -> S-1-5-21-1935655697-790525478-682003330-1147
[2005/09/28 09:53:27, 3] passdb/lookup_sid.c:fetch_sid_from_uid_cache(158)
fetch sid from uid cache 11149 -> S-1-5-21-1935655697-790525478-682003330-1149
[2005/09/28 09:53:27, 5] smbd/files.c:file_free(459)
freed files structure 5002 (0 used)
[2005/09/28 09:53:27, 3] lib/util_seaccess.c:se_access_check(250)
[2005/09/28 09:53:27, 3] lib/util_seaccess.c:se_access_check(251)
se_access_check: user sid is S-1-5-21-1977721719-1418567724-1093324438-23294
se_access_check: also S-1-5-21-1977721719-1418567724-1093324438-22027
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
se_access_check: also S-1-5-21-1935655697-790525478-682003330-513
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2135
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2142
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2126
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2131
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2128
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2146
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2123
se_access_check: also S-1-5-21-1935655697-790525478-682003330-2136
[2005/09/28 09:53:27, 5] lib/util_seaccess.c:se_access_check(314)
se_access_check: access (1) denied.
As you can see samba says the user sid ist "S-1-5-21-1977721719-1418567724-1093324438-23294", but this is not correct, true is "S-1-5-21-1935655697-790525478-682003330-1147"!
Ok with the wrong user sid I get no access to files with user acls and since the group sids are ok I get access to file with groups acls.
What`s going wrong here? Any suggestions?
cheers
Stefan
To: gd at samba.org
Cc: vlendec at samba.org
More information about the samba
mailing list