samba - Jun 2025 - both Samba-4.9.5 AD DC upgrade to Samba current (4.22.*) - questions

On Mon, 30 Jun 2025 13:17:20 +0200
Christian Naumer via samba <samba at lists.samba.org> wrote:
> Am 30.06.25 um 12:17 schrieb Franta Hanzl?k via samba:
> >  From all this, it seems to me that using rid idmap is an easier and
> > error-free choice of ID mapping. Can you agree with that?  
> 
> 
> Yes it is. But keep in mind on your running domain this will change the 
> IDs of every user on the fileserver so that ownership information will 
> not be correct any more.
> 
> Regards
> 
> Christian
> -- 
Christian thanks, I understand.
The solution is probably to remove the fileserver/AD member from AD and 
add it back, then reset the permissions and ACLs on its share as 
described in the Samba Wiki:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

Or is there a faster or automated way to set ownership and permissions 
on the AD member server?
-- 
TIA, Franta Hanzlik

Am 30.06.25 um 14:27 schrieb Franta Hanzl?k via samba:
> Or is there a faster or automated way to set ownership and permissions
> on the AD member server?

You could add a new fileserver with the RID backend and then transfer 
the files. This "should" give you the right ownerships and
permissions.

Regards

Christian

On Mon, 30 Jun 2025 14:27:26 +0200
Franta Hanzl?k via samba <samba at lists.samba.org>
wrote:
> Christian thanks, I understand.
> The solution is probably to remove the fileserver/AD member from AD
> and add it back, then reset the permissions and ACLs on its share as 
> described in the Samba Wiki:
> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
I don't think Christian was referring to the permissions that any new
files or directories will get, more about the ownership of any existing
ones. If you change from the 'ad' backend to a 'rid' backend on
a
machine, the IDs will change and you find that user ownership will have
also changed and/or the owners are now numbers.

Rowland