[Samba] question about winbind rid idmaping

Ralph Boehme slow at samba.org
Thu Oct 29 13:32:54 UTC 2020

Am 10/29/20 um 1:07 PM schrieb Rowland penny via samba:
> On 29/10/2020 11:56, Andrew Walker wrote:
>> Several of the idmap backends (including idmap_rid) in samba support
>> id_type_both (the ID is both a user and a group). This is ultimately
>> needed for accurately producing Windows-style behavior regarding
>> permissions (where a group can be the owner of a file). Without
>> knowing the details of the ACL module, the best path forward would be
>> for you to figure out how to maintain windows-like behavior.
> The only place that I have found id_type_both to be used, is in
> idmap.ldb on a Samba AD DC.

it's also supported by a bunch of idmap modules including rid and
autorid, but not ad ...

> Windows behaviour is for a group to be able
> to own files.

...for exactly the same reason (plus others like supporting SID history).


Ralph Boehme, Samba Team                https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG-Fingerprint   FAE2C6088A24252051C559E4AA1E9B7126399E46

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20201029/099583b7/signature.sig>

More information about the samba mailing list