[Samba] access "claim types"

Stefan G. Weichinger lists at xunil.at
Mon Feb 13 13:04:43 UTC 2023


Am 13.02.23 um 12:14 schrieb Rowland Penny via samba:

>> # ls -n
>> insgesamt 24
>> drwxrwxr-x+ 4 0 10512 4096  9. Dez 20:43 Test1
>> drwxrwxr-x+ 2 0 10512 4096  9. Dez 20:41 test2
>> drwxrwxr-x+ 2 0 10512 4096  9. Dez 20:41 test3
>>
>> gid 10512 should be "domain admins" or in this case german 
>> "domänen-admins" with an ugly char for the "umlaut"
>>
> 
> 
> Are you sure that 'Administrator' owns that directory ?
> '0' is the Unix ID for root.
> 
> If I create a directory and then change the ownership to Administrator, 
> I get this:
> 
> rowland at devstation:~$ mkdir testdir
> rowland at devstation:~$ sudo chown Administrator testdir
> rowland at devstation:~$ ls -ld testdir
> drwxrwx---+ 2 administrator domain users 4096 Feb 13 11:00 testdir
> 
> If I then use the '-n' switch to 'ls', I get this:
> 
> rowland at devstation:~$ ls -nd testdir
> drwxrwx---+ 2 10500 10513 4096 Feb 13 11:00 testdir
> 
> Which clearly shows that the numeric ID for Administrator is '10500' and 
> makes 'Administrator' into just another Unix user.
> 
> What could be happening here is that you are seeing Administrator owning 
> the share on a Windows machine and the user.map is mapping Administrator 
> to root on the Unix machine, which is to be expected.

I am a bit confused right now (maybe always): you told me "Administrator 
shouldn't own anything on Unix"

So I assumed the chown should be "chown -R root:10512 mytestshare" ?

All the samba shares on this server are located in "/mnt/MSA2040/smb", 
this dir belongs to "0 0" now according to "ls -n".

I see some mapping in the conf:

# grep mapp smb.conf
username map = /etc/samba/samba_usermapping

# cat samba_usermapping
!root = DOMAIN\Administrator DOMAIN\administrator

I can't remember if I added this and why ... or if it is something old 
from their former linux admin.




More information about the samba mailing list