Andrew Watkins
2005-Nov-02 13:51 UTC
[Samba] (part 2) Can samba map between existing Windows (SID) users and existing unix (UID) users
I have had a few replies and it looks that I am on a no win solution.
I either set up LDAP and delete local UID on our UNIX boxes and let samba
convert SID to UID, or just leave thinks as they are.
I still don't under stand why it is so difficult to do what I want when all
the
information seems to be at hand.
1) User changes security of a file on a samba share to allow DCSNT\andrew
access.
2) samba returns an error:
smbd/posix_acls.c:create_canon_ace_lists(1405)
create_canon_ace_lists: unable to map SID
S-1-5-21-1984182827-583073959-8547516-2056 to
uid or gid.
3) run wbinfo and I can get this user name:
# /usr/local/samba/bin/wbinfo -s S-1-5-21-1984182827-583073959-8547516-2056
DCSNT\andrew 1
4) Just see if it works in reverse:
# /usr/local/samba/bin/wbinfo -n andrew
S-1-5-21-1984182827-583073959-8547516-2056 User (1)
5) I have "winbind trusted domains only = yes" set in smb.conf, so I
would it expect
it to know that andrew(SID) = andrew(uid)
6) Samba to set the acl on the unix file...., but that is not going to happen.
Before I give up and leave things as they are with users having 2 file systems
(samba share
and a Windows Share) and of course more Windows File Servers ;-(
Can some one inform me how to populate I guess an LDAP server so that I place
all the UID/SID
into and only let samba query it. I don't want samba to build it since my
UID already exist.
Thanks again,
Andrew
Maybe Matching Threads
- Can samba map between existing Windows (SID) users and existing unix (UID) users
- Map between existing UNIX UID's and Windows SID for file sharing.
- winbind gives differnt results depending on "winbind trusted domains only"
- mapping SID - UID, GID with SFU 3.5
- Mapping of Windows SID to existing UNIX users not work
Wisdom of the Ancients
