[Samba] Changing file permissions in Windows XP with a samba PDC

[James Lamanna]

On 1/11/06, Jason Balicki <kodak at frontierhomemortgage.com> wrote:
> James Lamanna wrote:
> > Question about changing file permissions in Windows XP when running
> > samba as a PDC.
> > If you hit Properties and go to the security tab, instead of listing
> > the proper group/user names it lists the full SID.
> > Is there a way to get Windows XP to map these to the proper
> > user/group names? I am using LDAP as a backend with Samba.
>
> You have something wrong.  You should see the proper
> DOMAIN\username display and not the sid.
>
> I suspect a domain sid mismatch between the XP client and
> samba server.
>
> There is a utility at sysinternals.com called "psgetsid"
> that will show the SID of the logged in user on the
> XP machine.  Use that utility to compare with
> "net getlocalsid" on the samba PDC and make sure that
> the domain part matches.  The local part will differ
> (the last bit).
>
> If there is a mismatch, you'll need to rejoin the XP
> box to the domain.  If there's not, then I don't
> know what's wrong. :)
>
> Be aware:  rejoining to the domain will cause the profiles
> on the box to get messed up, but you can reassign the
> profiles by changing the registry and setting permissions.

Hrm.
The domain part of the SIDs definitely match.
What's interesting is that it doesn't even get the default-ish groups right
(like Domain Users for example, it just shows [domain sid]-513)

Any other ideas?

>
> HTH,
>
> --J(K)
>
>

-- James