[Samba] access "claim types"
Stefan G. Weichinger
lists at xunil.at
Mon Feb 13 13:04:43 UTC 2023
Am 13.02.23 um 12:14 schrieb Rowland Penny via samba:
>> # ls -n
>> insgesamt 24
>> drwxrwxr-x+ 4 0 10512 4096 9. Dez 20:43 Test1
>> drwxrwxr-x+ 2 0 10512 4096 9. Dez 20:41 test2
>> drwxrwxr-x+ 2 0 10512 4096 9. Dez 20:41 test3
>>
>> gid 10512 should be "domain admins" or in this case german
>> "domänen-admins" with an ugly char for the "umlaut"
>>
>
>
> Are you sure that 'Administrator' owns that directory ?
> '0' is the Unix ID for root.
>
> If I create a directory and then change the ownership to Administrator,
> I get this:
>
> rowland at devstation:~$ mkdir testdir
> rowland at devstation:~$ sudo chown Administrator testdir
> rowland at devstation:~$ ls -ld testdir
> drwxrwx---+ 2 administrator domain users 4096 Feb 13 11:00 testdir
>
> If I then use the '-n' switch to 'ls', I get this:
>
> rowland at devstation:~$ ls -nd testdir
> drwxrwx---+ 2 10500 10513 4096 Feb 13 11:00 testdir
>
> Which clearly shows that the numeric ID for Administrator is '10500' and
> makes 'Administrator' into just another Unix user.
>
> What could be happening here is that you are seeing Administrator owning
> the share on a Windows machine and the user.map is mapping Administrator
> to root on the Unix machine, which is to be expected.
I am a bit confused right now (maybe always): you told me "Administrator
shouldn't own anything on Unix"
So I assumed the chown should be "chown -R root:10512 mytestshare" ?
All the samba shares on this server are located in "/mnt/MSA2040/smb",
this dir belongs to "0 0" now according to "ls -n".
I see some mapping in the conf:
# grep mapp smb.conf
username map = /etc/samba/samba_usermapping
# cat samba_usermapping
!root = DOMAIN\Administrator DOMAIN\administrator
I can't remember if I added this and why ... or if it is something old
from their former linux admin.
More information about the samba
mailing list