Hello, I have setup 2 PDC servers with samba 3.0.20b and openldap 2.2.24. There is 2 Domains differents. Relationship is done. #net rpc trustdom list - result is perfect in two servers. Connection from workstation with 1 user : - result is perfect with the same user between two servers. But I face a problem with rules on share : - In server B (domain B), I am searching to add an ACL access on a folder with an user or a group on domain A. - method : with a workstation windows XP, click right on folder / security / add / domain A / Group / add / ok - message error in log samba : [2007/02/23 14:37:51, 0] smbd/posix_acls.c:create_canon_ace_lists(1405) create_canon_ace_lists: unable to map SID S-1-5-21-1976411989-4095823373-4291834733-21003 to uid or gid. An idea ? Thanks. Rodolphe
First solution find : 1 - start winbind 2 - test command #/usr/bin/wbinfo -s S-1-5-21-1976411989-4095823373-4291834733-21003 Second problem, modify nsswitch.conf. I am searching. Rodolphe "Rodolphe A." <rodolphedj@gmail.com> a ?crit dans le message news:< 7S20X-83u-13@gated-at.bofh.it>...> Hello, > > I have setup 2 PDC servers with samba 3.0.20b and openldap 2.2.24. > There is 2 Domains differents. > > Relationship is done. > #net rpc trustdom list > - result is perfect in two servers. > Connection from workstation with 1 user : > - result is perfect with the same user between two servers. > > But I face a problem with rules on share : > - In server B (domain B), I am searching to add an ACL access on a > folder with an user or a group on domain A. > - method : with a workstation windows XP, click right on folder /security> / > add / domain A / Group / add / ok > - message error in log samba : > > [2007/02/23 14:37:51, 0] smbd/posix_acls.c:create_canon_ace_lists(1405) > create_canon_ace_lists: unable to map SID > S-1-5-21-1976411989-4095823373-4291834733-21003 to uid or gid. > > > An idea ? > > Thanks. > > > Rodolphe > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba
And solution has found : 1- /etc/nsswitch.conf passwd: files ldap winbind shadow: files ldap group: files ldap winbind [..] 2- /etc/samba/smb.conf idmap uid = 10000-20000 idmap gid = 10000-20000 3- start winbind 4- test /usr/bin/wbinfo -u 5- update ACL by windows xp client from share samba. Rodolphe 2007/2/26, Rodolphe A. <rodolphedj@gmail.com>:> > First solution find : > 1 - start winbind > 2 - test command #/usr/bin/wbinfo -s > S-1-5-21-1976411989-4095823373-4291834733-21003 > > Second problem, modify nsswitch.conf. > > I am searching. > > > Rodolphe > > "Rodolphe A." <rodolphedj@gmail.com> a ?crit dans le message news:< > 7S20X-83u-13@gated-at.bofh.it>... > > Hello, > > > > I have setup 2 PDC servers with samba 3.0.20b and openldap 2.2.24. > > There is 2 Domains differents. > > > > Relationship is done. > > #net rpc trustdom list > > - result is perfect in two servers. > > Connection from workstation with 1 user : > > - result is perfect with the same user between two servers. > > > > But I face a problem with rules on share : > > - In server B (domain B), I am searching to add an ACL access on a > > folder with an user or a group on domain A. > > - method : with a workstation windows XP, click right on folder / > security > > / > > add / domain A / Group / add / ok > > - message error in log samba : > > > > [2007/02/23 14:37:51, 0] smbd/posix_acls.c:create_canon_ace_lists(1405) > > create_canon_ace_lists: unable to map SID > > S-1-5-21-1976411989-4095823373-4291834733-21003 to uid or gid. > > > > > > An idea ? > > > > Thanks. > > > > > > Rodolphe > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba