[Samba] Admin UID changed with upgrade to 4.8.2

Rowland Penny rpenny at samba.org
Thu Jun 14 09:50:15 UTC 2018

On Thu, 14 Jun 2018 09:39:46 +0200
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:

> And i did read the Comment to for Rowland below, 
> On debian you need :
> libnss-winbind libpam-winbind to be installed. 
> I think you miss one of these. 

They are the glue that connects Samba to nsswitch and allows 'getent
passwd username' to work. Without the 'glue' checking for ownership etc
of file with 'ls -l' will only show numbers, this is because the OS
doesn't know who the numbers are.

> With 4.8.2 on my DC's i see: 
> ls -al sysvol/
> drwxrwx---+ 5 root BUILTIN\administrators 4096 Dec 21 13:14
> internal.domain.tld 
> Note the ^^^ (+) in above line, then use getfacl to see all ACL's
> If you use chmod, you might destroy your very needed windows ACL's 
> And i see with getfacl

And Louis also uses 'acl_xattr:ignore system acls = yes', this means
that you can ignore the system ACL and what getfacl produces.

The permissions you set from windows is actually stored in in

To see the contents of this attr:

getfattr -n security.NTACL /home/testdata
getfattr: Removing leading '/' from absolute path names
# file: home/testdata

Not very readable is it ?

> Id you dont get you id's
> Try adding Domain and Local-Realms to : /etc/idmapd.conf 

Don't understand the above, what has an NFS conf file got do with
Samba ?


More information about the samba mailing list