[Samba] Are those file and folder ACLs to be expected?

[Rowland penny]

On 13/10/2020 09:23, Z Z via samba wrote:
> Hello.
>
> I've got a working SAMBA AD server. I'm able to join both Linux (winbind)
> and Windows clients. I have also joined an NAS that hosts some
> shares/folders to be used by multiple machines (Linux and Windows 10). On
> my Linux host I'm accessing the NAS via NFS mount, while on my Windows
> machine obviously I'm using SMB.
> I'm using the ad ID mapping backend with uId and gId that I'm managing
> manually.
> I have noticed something strange, though.
>  From my Linux computer I created folder on the NAS:
>
> mkdir TEST
>
>
> The folder has it's ownership as *username:users *and mask 775 which is
> what I want:
>
> drwxrwxr-x   2 myname users    6 Oct 13 10:51 TEST
>
>
> Afterwards I log in to my Windows 10 computer, access the same folder and
> create a subfolder inside of it.
> Coming back to my Linux machine I browse and check the newly created folder:
>
> drwxrwxr-x+ 2 myname users 10 Oct 13 10:59 winfolder
>
>
> Seems like the Windows-created folder has extended attributes. Let's check
> them with *getfacl winfolder:*
>
> # file: winfolder
>> # owner: myname
>> # group: users
You say this is on a domain joined NAS, so why is 'users' not 'Domain 
Users' ?
>> user::rwx
>> user:11001119:r-x
>> group::r-x
>> group:users:r-x
>> group:11001120:rwx
>> mask::rwx
>> other::r-x
>> default:user::rwx
>> default:user:myname:rwx
>> default:group::r-x
>> default:group:users:r-x
>> default:mask::rwx
>> default:other::r-x
>
>   Here it comes the confusion. Those IDs are the ones of my user (11001119)
> and group (11001120). But I don't understand why on the second user line
> I'm getting the uId, while on the *default:user:*  line the uId is being
> resolved to my username?
I have no idea, the share is on your NAS and you haven't supplied the 
smb.conf for that

What versions of Samba are you using ?

Rowland