Hi, I'm having trouble getting ACLs and samba to work on solaris. In a unix shell I can set and get the ACLs with setfacl and getfacl just fine. Connecting with a window machine (w2000/w2003) to samba lets me list the ACLs and even modify them. The problem is creating new ACLs. In the logs I get 20031029/local2.error:Oct 29 16:30:11 test1 smbd[5417]: [ID 702911 local2.error] create_canon_ace_lists: unable to map SID S-1-5-21-3959417778-1711865379-3952174976-20920 to uid or gid. Seems to me there is a problem mapping from Windows SIDs to Unix uid. Reading the documentation, winbind seems to be the only solution to this problem. But I don't wish to use winbind as I allready have syncronized accounts on both windows and unix. Though looking at the code it seems to me that this is the only option available. Any ideas? -- Marius Grann?s
Marius Grann?s:> Hi, > > I'm having trouble getting ACLs and samba to work on solaris. In a unix > shell I can set and get the ACLs with setfacl and getfacl just fine. > Connecting with a window machine (w2000/w2003) to samba lets me > list the ACLs and even modify them. The problem is creating new > ACLs. In the logs I get > > 20031029/local2.error:Oct 29 16:30:11 test1 smbd[5417]: [ID 702911 local2.error] create_canon_ace_lists: unable to map SID S-1-5-21-3959417778-1711865379-3952174976-20920 to uid or gid. > > Seems to me there is a problem mapping from Windows SIDs to Unix uid. Reading > the documentation, winbind seems to be the only solution to this problem. > But I don't wish to use winbind as I allready have syncronized accounts > on both windows and unix. Though looking at the code it seems to me > that this is the only option available. > > Any ideas?Some more information: I'm running samba 3.0.0 with the following setup: security = domain nt acl support = yes -- Marius Grann?s ------------------------ I see fragged people.