scot eckel
2006-Jan-08 07:51 UTC
[Samba]3.0.20b Keep windows local sid when xcopy files to samba server
Hi all, I came into a problem with the following situation. One Windows 2k3 server which joined into a AD, and when I tried to copy some files the owner ship of which contails both domain user/group sid and local user/group sid information, to samba server, only domain sid information could be kept, and the windows local user/group sid info was dropped. I verifyed this by using "xcopy /O /K". When I traced the samba log, it complained unknown sid, which was the local sid. And since I configured samba to lookup user and group by the order of passwd and winbind, AD could not retrieve the non-domain sid info which is only available in the member client.This seems to be reasonable. However, I still wish there is some hacks that could help to keep the local sid info when files are copied to samba server. Any clue is welcome. Best Regards Nelson
Gerald (Jerry) Carter
2006-Jan-09 18:05 UTC
[Samba]3.0.20b Keep windows local sid when xcopy files to samba server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 scot eckel wrote:> Hi all, > > I came into a problem with the following situation. > One Windows 2k3 server which joined into a AD, and when I > tried to copy some files the owner ship of which contails > both domain user/group sid and local user/group sid > information, to samba server, only domain sid > information could be kept, and the windows local > user/group sid info was dropped. I verifyed this by using > "xcopy /O /K". When I traced the samba log, it complained > unknown sid, which was the local sid. And since I > configured samba to lookup user and group by the order > of passwd and winbind, AD could not retrieve the non-domain > sid info which is only available in the member client.This > seems to be reasonable. > > However, I still wish there is some hacks that could help > to keep the local sid info when files are copied to samba > server. Any clue is welcome.We have a 'force unknown acl user' option. But it is currently impossible to keep an arbitrary SID that has not been mapped to an uid/gid. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDwqWXIR7qMdg1EfYRArQuAKCjpdDEpKVJrPabwmbyusMQLs6g6wCffy33 rdHhQM8boefLZYElCaPUDNo=tTTs -----END PGP SIGNATURE-----