[Samba] Best strategy to manage and backup Windows file permissions
Robert Marcano
robert at marcanoonline.com
Sun Mar 16 16:56:40 UTC 2025
On 3/16/25 12:06 PM, R. Diez via samba wrote:
> ...
>
> Besides, assuming that I manage to back up all files with their Windows
> ACLs (I guess by backing up the xattr's), I wonder whether the restore
> would work. The backup will probably have numeric SIDs, so a rebuilt
> Samba server would have to keep the same user accounts with the same
> SIDs, wouldn't it?
>
I recommend to always use an algorithmic idmap strategy like rid, so the
mapping of the user is never changed even if you reinstall you server
from scratch. It helps too if you maintain multiple servers and need to
move share from on server to another. The same algorithm idmapon earch
server makes things easier.
Remember that you can't choose a different idmap module on domain
controllers. So the SAMBA team recommendation of not using DCs as file
servers is more important in this case too.
More information about the samba
mailing list