[Samba] Unix users/groups and the Windows ACL editor

TAKAHASHI Motonobu monyo at monyo.com
Mon Feb 27 10:15:15 MST 2012


From: Victor Sudakov <vas at mpeks.tomsk.su>
Date: Sun, 26 Feb 2012 23:23:04 +0700

> TAKAHASHI Motonobu wrote:
> > > > 
> > > > > There is a samba compiled --without-winbind --with-acl-support; the
> > > > > Windows GUI ACL editor Security tab shows multiple users and groups
> > > > > as "Unix User\joe" and "Unix Group\foo". I can remove those users
> > > > > and groups from the GUI if I wish to.
> > > > > 
> > > > > Is there a way to _add_ Unix groups and users via the ACL editor?
> > > > 
> > > > If your file system has ACL feature, you can manupulate these groups
> > > > to map them to Samba groups with "net groupmap add".
> > > 
> > > Do you mean to say I must map all those Unix groups to Windows groups
> > > beforehand, before I can manupulate them in the ACL editor?
> > 
> > Yes.
> 
> It's a pity. And where will this mapping be stored? NB: I don't use winbind.

In group_mapping.ldb file.

> > And if you see an user as "Unix User\foo", the user is not mapped to a
> > Samba user. If an user is mapped to a Samba user, then you see the user
> > as "COMPUTERNAME\foo" in your Security tab.
> 
> All my domain users are mapped to Unix users by samba, e.g. a
> DOMAIN\foo user is mapped to the Unix user "foo". 
> 
> Are you talking about some other mapping? Could you please elaborate?

You said:
> Windows GUI ACL editor Security tab shows multiple users ...
> as "Unix User\joe" ...

I pointed that if you see users whose name is like "Unix User\joe"
style, that user is not mapped to the Samba user yet.

---
TAKAHASHI Motonobu <monyo at samba.gr.jp>


More information about the samba mailing list