[Samba] Change default samba 4.1. ACL behaviour

Alex Sviridov ooo_saturn7 at mail.ru
Mon Nov 16 12:23:55 UTC 2015

 I use samba 4.1 as dc with acl. I have user with uid 3000023. However, I don't have group with guid 3000023. However, when this user creates a folder samba in acl list creates permissions for group 3000023 and as result I have broken link.

Rowland Penny (thanks to him) said that I could see the type: ID_TYPE_BOTH setting in /usr/local/samba/private/idmap.ldb.

As I understood I must change type to  ID_TYPE_UID. But , I can't understand what is the nice way to do it.
As new users are added via samba-tool. So, should I manually change "type" option in idmap.ldb for every
new user? Or there is another way.

I am sorry, If I ask something stupid. Please, just say what I understand wrong and how to fix these broken links.

Alex Sviridov

More information about the samba mailing list