New approach to "valid users" fix

Hansjörg Maurer hansjoerg.maurer at dlr.de
Sun Aug 13 10:45:32 GMT 2006 

Hi Jerry

Gerald (Jerry) Carter wrote:

>
>
> >But I had another strange observation. I create a
> >file on the samba share as User maurer.
> >With the 3.0.21 the owner of this file in th ACL
> >editor was DOM\maurer.  With 3.0.23b and your patch
> >the owner is shown as Unix User\maurer
> >I suppose that this is intended with the new code?
>
>
> Yeah.  But I think I still have a few more kinks
> to smooth out.
>
> >Is there a way to make a samba AD member server
> >allways show DOM\username in the ACL Editor when
> >the Unix Nis-User Username is equal to the Domain
> >Username?
>
>
> You're running winbindd without idmap ranges?  I'm
> seeing the same behavior right now on a member server
> in a Samba domain with 'winbind trusted domains only
> = yes'.  This previously worked.

yes exactly
we are running winbind in security=ads
and our config contains
      idmap uid = 10000-10000
        idmap gid = 10000-10000
        winbind use default domain = Yes
        winbind trusted domains only = Yes

>
> >Its no real problem if this is not possible any more.
> >I would just like to know, if there are any options
> >I have not seen yet which could restore the old behavior.
>
>
> It's a pretty big bug actually if you copy files from
> the Samba box to a local NTFS partition on a Windows
> client.  We'll have to fix this, but I need to think
> about it some.
>
you are right.
We are forcing our users to store all their data on central storage, 
therefore I did not see that probblem.
I reserved a small not critical samba server for testing purposes.
If want me to trie a patch if you find a solution for this problem
let me know.

I feel a bit angry about myself  because I have not tested your 3.0.23 
RC candidates.
It is not possible for me to test for example the file serving 
capabilities of a samba RC in
our production HA Filserver, but I would have been able to discover the 
problems in this thread
earlier if I did the tests on a testsystem (like I did now before the 
roleout of 3.0.23b9
, just for myself without impacts for the users.

We all  benefit a lot from your work
( e.g. as a research insitute using your opensource  CIFS file and 
printserver in this case or as a company providing your software to 
customers ) .
I am unable to provide assistance in development, therefore I promise to 
do more testing
of RC's of versions I am running in the future. :-)

Thank you very much

Greetings from munich

Hansjörg



>
>
>
>
> cheers, jerry
> =====================================================================
> Samba                                    ------- http://www.samba.org
> Centeris                         -----------  http://www.centeris.com
> "What man is a man who does not make the world better?"      --Balian

More information about the samba-technical mailing list