[Samba] getfacl returning strange active directory group name SLES11
Axel Werner
mail at awerner.homeip.net
Fri Dec 7 00:54:28 MST 2012
Dudes, realy ?!?! No one here KNOWS what that numbers are about ?!? No
one else got this behavior wiht "getfacl" ?
Am 29.11.2012 12:00, schrieb Axel Werner:
>
> Hi SAMBA Gurus,
>
> this question does not realy match SAMBA, but its somehow related and i
> was not able to find some sattisfying answer yet anywhere else. So im
> hopeing for some expert here who may knows this.
>
> I described my case in a SLES Forum at:
>
> https://forums.suse.com/showthread.php?2046-getfacl-returning-strange-active-directory-group-name-SLES11
>
>
> Given:
>
> SLES 11 SP1 with SAMBA/Winbind joined to Active Directory "AD" using AD
> Role Groups in ACLs on ext3 Filesystem
>
> Im playing around with Linux Filesystem ACLs on a ext3 FS but using
> Active Directory (AD-)Users and AD-Groups for access controll to files
> and folders, thanks to winbind this is.
>
> While i have to use "setfacl" just the way its been described in the man
> page using properly formed "AD\adgroupname" and "AD\adusername" syntax,
> the "getfacl" however returns ALWAYS something strange i was not able to
> find something matching on the internet nor the man page nor the suse
> manuals.
>
> See this output :
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~
> hostname:/tmp # getfacl -p /data1/testing-acls/
>
> # file: /data1/testing-acls/
> # owner: root
> # group: root
> user::rwx
> user:someLocalLinuxUserName:rwx
> user:AD\134someAdUserName:rwx
> group::rwx
> group:AD\134rol-grp-access-control-rw:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:group:AD\134rol-grp-access-control-rw:rwx
> default:mask::rwx
> default:other::---
>
> hostname:/tmp #
> ~~~~~~~~~~~~~~~~~~~~~~~~~
>
> As you can see, local Linux-Users and Groups (not shown here but been
> tested) will be shown correctly and as expected. AD Users and AD Groups
> however contain some strange "number" after the Domain Prefix and the
> before the AD-Group- or AD-Username.
>
> Anyone here KNOWS what this is and why its there?
>
> i compared this to some ancient debian 5 installation that we had laying
> around. NOT joined to an AD but also runs some old SAMBA as a primary
> domain controller. There it seems its pretty much the same. Whenever
> some "windows user" or "windows group" has been written to the
> filesystem ACL the getfacl reports that strange number in between.
>
>
> THANKS in advance for any competent Answer/Pointing!
>
> greets
> Axel
>
>
More information about the samba
mailing list