[Samba] Domain member server: user access
Stefan G. Weichinger
lists at xunil.at
Mon Oct 9 18:36:15 UTC 2017
Am 2017-10-09 um 20:29 schrieb Rowland Penny:
> Unless you have done something strange like giving a group the
> gidNumber '3000013', this is an xidNumber and isn't used anywhere
> except on a DC. It is also probably one of the Well Known SIDs, so
> you shouldn't remove and recreate one of these. Which leads us to
> the obvious question, what was the group name ?
Actually, it's still there on the DC:
# wbinfo --group-info="domain admins"
ARBEITSGRUPPE\domain admins:x:3000013:
# net cache flush
# wbinfo --group-info="domain admins"
ARBEITSGRUPPE\domain admins:x:10512:
The new and needed group for the particular ACL:
# wbinfo --group-info="gfass"
ARBEITSGRUPPE\gfass:x:10580:
I chose 10850 just to make sure I am away from other IDs.
Is there a simple way to read the (highest) used group-id?
btw: ACLs work now for the specific folders/ groups, that is not the
problem.
>> Your reported bug still sits there unnoticed, right?
>
> Not unnoticed, just not yet resolved ;-)
Ah, I see ;-) good.
More information about the samba
mailing list