[Samba] cifsacl not working

Ken Bass kbass at kenbass.com
Thu Sep 24 17:37:25 UTC 2020

On 9/24/20 1:06 PM, Rowland penny via samba wrote:
> OK, you are using users & groups in the 1000-29999 range, why ? could 
> it be that you have the same users in /etc/passwd and AD ?

On my Linux installs, I allow for a 'local' account with user id 1000. 
That is the only local account and is used for installing the OS (or in 
case AD is down). All other user/group accounts are >= 1001 and come 
from the AD. Technically that line should probably be 1001-29999, but 
not sure if that would impact user 1001.
The only user in my /etc/passwd is

> You are using 'cifsacls' and this calculates a 32 bit ID from the SID, 
> so it is unlikely your users are getting the same ID from Samba and 
> cifsacls, I get the feeling that you use one or the other, not both :-\

Can you please expand on this, I am confused as to what you are 
suggesting.  If 'getent pass' works properly and shows no 
overlap/confusion, this seems to be related to cifsacl.

More information about the samba mailing list