[Samba] Q: how to collect user/group-names

Toby Bluhm tkbsmb at MidwestInstruments.com
Tue Sep 25 12:45:37 GMT 2007

Chris Osicki wrote:
>> On 9/24/07, Chris Osicki <osk at admin.swisscom-mobile.ch> wrote:
>>> Hi
>>> Sorry if it's not 100% appropriate for this list, cannot think of better
>>> place to find people with lots of know-how from Unix and Windows.
>>> I'm currently working on replacing EMC's Celerra file servers by Linux/Samba.
>>> The SID to UID/GID mapping table on Celerra is very large, ~50'000 entries
>>> and I don't want to pollute my LDAP server with all this (using winbind with
>>> LDAP back-end). Most of those entries are there for historical reasons and are
>>> just useless.
>>> Now my question: does anybody know a tool working under Windows to scan a
>>> filesystem and collect all usernames/groupnames (or SIDS) used?
>>> Any Samba's tool having this capability?
>>> Thanks for your time.
>>> Regards,
>>> Chris
>> Chris,
>> Easy. Find is your friend. It can find anything and do whatever with
>> the results.
>> find /tmp/ -type f -printf "%U \n" | sort | uniq > uids.txt
>> find /tmp/ -type f -printf "%G \n" | sort | uniq > gids.txt
>> If you know the uid's and gid's + you got the mappings, it's easy to
>> know which sid's you (don't) need.
>> --
>> Frank Van Damme
>> A: Because it destroys the flow of the conversation
>> Q: Why is it bad?
>> A: No, it's bad.
>> Q: Should I top post in replies to mails or on usenet?
> Frank, 
> thanks for your quick answer.
> Unfortunately it's not what I'm looking for.
> I want to find out what users or groups have been given 
> any rights on a file or directory. In other words I want 
> to collect user/group-names from ACL's. Or if you want, 
> collect those information which you would see when under 
> Windows you right click on a file/directory and select 
> properties/security.
> And I'm looking for a way of do it "automaticaly".
> A sort of Windows "getfacl -R".
> Thanks for your time.
> Regards,
> Chris

I don't know how useful this would be as it's just a raw listing of all 
files & dirs with associated acls. It would need more massaging for any 
sort of scripted restore or data extract.

Install gnuwin32 utils form sourceforge
Install xcacls.exe from MS Resource Tools

c:\path\to\gnuwin32\bin\find.exe X:\ > c:\temp\find.log
for /f "usebackq delims==" %i in (`type c:\temp\find.log`) do 
@xcacls.exe "%i" >> c:\temp\xcacls.log

Toby Bluhm
Midwest Instruments Inc.
30825 Aurora Road Suite 100
Solon Ohio 44139

More information about the samba mailing list