[Samba] domain users appear as local to samba

[Gerald (Jerry) Carter]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nikos Gkorogiannis wrote:
> Hello,
> 
> I have a samba server (3.0.21c) that gets its UNIX user 
> info from nss_ldap. It acts as an ADS member server (the
> UNIX usernames match the ones in the Windows domain).
> 
> Simple usage works fine: if I log in on a Win client as 
> DOMAIN\user then I can map a drive on \\samba\user and read/write
> and so on. However if I look up the security properties of a
> file in \\samba\user, the owner shows up as local to the samba
> server, i.e. \\samba\user as opposed to DOMAIN\user.
> 
> My hunch is that when a Win client is asking about 
> ownership (or security) details, it does so in terms of
> SIDs, not usernames. And that Samba returns an SID which is
> arbitrary w.r.t the domain SIDs. How can I fix that? Or
> have I missed something obvious?

Your hunch is correct.  Run winbindd but do not set the
'idmap {uid,gid}' parameters and you should be fine.





cheers, jerry
=====================================================================
I live in a Reply-to-All world.               -----------------------
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEGtTRIR7qMdg1EfYRAlc3AKCU0tIuMq+uf7fxhCqFZz37wwaUDgCgx8S0
I/9yWMTGpWJZaZp/XNSRV6s=
=Go2v
-----END PGP SIGNATURE-----