Tom Söderlund
2015-Mar-25 14:05 UTC
[Samba] Human readable user names vanishing from acls
When setting file permissions from MS environment to a file on a Samba4 share, it can be made in clear text with human readable user/group names and the rights seem to work. However when checking the permissions again from an MS environment, instead of human readable user/group names there are plain SID numbers in their place and there is an icon apparently signifying an unknown SID. How to keep resolving these into clear text? Using Samba 4.1.1 and SSSD 1.12.2 with dynamical id mapping (i.e. all user information resides in the MS AD without Unix attributes) in a RHEL7.1 environment. Thanks for any info, -Tom
On 25/03/15 14:05, Tom S?derlund wrote:> When setting file permissions from MS environment to a file on a Samba4 > share, it can be made in clear text with human readable user/group names > and the rights seem to work. > > However when checking the permissions again from an MS environment, instead > of human readable user/group names there are plain SID numbers in their > place and there is an icon apparently signifying an unknown SID. How to > keep resolving these into clear text? > > Using Samba 4.1.1 and SSSD 1.12.2 with dynamical id mapping (i.e. all user > information resides in the MS AD without Unix attributes) in a RHEL7.1 > environment. > > Thanks for any info, > -TomHave you tried looking at the ACLs on the share on the Unix server, are they showing a name or a number? I think that this may be a sssd problem rather than a samba one. Rowland
Tom Söderlund
2015-Mar-29 10:43 UTC
[Samba] Human readable user names vanishing from acls
ACLs on the Samba4 member server resolve fine to clear text (with getfacl). Problem on MS terminal side persists; clear text while setting but later as SIDs when domain accounts/groups are in question. -Tom On Wed, Mar 25, 2015 at 4:22 PM, Rowland Penny <rowlandpenny at googlemail.com> wrote:> On 25/03/15 14:05, Tom S?derlund wrote: > >> When setting file permissions from MS environment to a file on a Samba4 >> share, it can be made in clear text with human readable user/group names >> and the rights seem to work. >> >> However when checking the permissions again from an MS environment, >> instead >> of human readable user/group names there are plain SID numbers in their >> place and there is an icon apparently signifying an unknown SID. How to >> keep resolving these into clear text? >> >> Using Samba 4.1.1 and SSSD 1.12.2 with dynamical id mapping (i.e. all user >> information resides in the MS AD without Unix attributes) in a RHEL7.1 >> environment. >> >> Thanks for any info, >> -Tom >> > > Have you tried looking at the ACLs on the share on the Unix server, are > they showing a name or a number? > > I think that this may be a sssd problem rather than a samba one. > > Rowland > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >