[Samba] Problems with group ACLs on a SAMBA server running in local
mode
Todd Stecher
tstecher at isilon.com
Thu Jan 12 18:49:16 GMT 2006
Here's a quick rundown of the behavior:
1) SAMBA 3.0.9 server is running in local user mode
2) A new local UNIX group is added
3) From a XP / W2003 client, attempts to add that group to ACLs on
the exported share fail - the group cannot be found through the explorer
UI.
I debugged this - the call to _samr_query_alias_info() is failing.
Specifically, the call to pdb_get_aliasinfo() fails. Debugging further,
this is because the group rid cannot be found in the tdb in
get_group_map_from_sid(), so the Windows client cannot resolve the name
from the RID.
>From conversations with other developers here at Isilon, the local
groups are not automatically added to the tdb, and adding this
functionality could be risky due to collisions between GIDs/ RIDs/ and
SIDs. My question to the list is there a hidden feature somewhere which
enables local unix groups to be added to the tdb? I've been digging
through lists / documentation, but with no luck.
Thanks in advance,
Todd Stecher
More information about the samba
mailing list