[Samba] UIDs/GIDs Mapping and Permissions in Samba

[Chris Hayes]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm wondering how essential it is to ensure that Samba User/Group to
UIDs/GIDs mapping across various Samba servers remain consistent.

I realise that Samba uses the extended ACLs and also uses extended
attributes to store blobs of Windows ACL information; specifically the
reason for this is that Windows ACLs don't map 1:1 with POSIX ones.

Basically, I want to know more about which Samba uses, how much it
tries to keep the two in sync, etc. For example, a moment ago I
changed the POSIX ACLs on a file that already had a security.NTACL
glob in the extended attributes; and my change to the POSIX ACL didn't
show up in the Security Properties information for that file.

By far the best documentation that I've found so far is this thread,
which might be out of date now and still leaves me unsure; as this
suggests that the security.NTACL glob should have been updated.

https://lists.samba.org/archive/samba/2011-February/160799.html

For that specific test, I was running quite an old file server (Samba
3.4.7) because it was what I had installed on an old machine.

Any information would be greatly appreciated.

Kind regards,
- -- 
Chris Hayes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJR+bRsAAoJELgO0A8EguAKXpEH/Awlyq1856PAzRpGSRWGZ9Aw
nuY85q3yrOWq1MkjAti4GLa34gu39HAHaw6kaz06rpZPlVOfR1ICFbq08GbPzR3j
RCBRbVG7Ai/zUx99ey8ByINq5OmkClW5h9uJCGfPuM6+keJwwj4gT6BiY8FrM3mB
Vk1BeYhzZciEXoy/uyP3dnbxWmV9LYGZWXSqwR2lC3ge6jFWRQyL9IES+1+7Ab/7
d+Qj+ObBZffLP5Gxmw3ETPpCMvrexM33B2VAIF5XLMaG+bbukFt8o2uW1UpFiaah
AWMdHJbqqAlT7IZD87U5io+ZfKrDvz8tmej4m6LzzJSJD49VzDCAV/4h0sW6U8c=
=soq+
-----END PGP SIGNATURE-----