Re: [cifs-discuss] idmapping

Wed, 11 Nov 2009 10:20:54 -0800 

Chris,

I just got to the same stage while playing withs CIFS.
I think the reason is that the SYSTEM is not a domain account and I have also notice the same for HOSTNAME\Administrator account. I am noticing it with windows profiles 

If you look at #idmap dump you may notice some short SID.

Andrew
How can I map what appears to be the default the "SYSTEM" group on windows XP to a group on Solaris? I always end up with an ephemeral group for that?
I've mapped my user "cjg" <-> "cg13442" and put it in the default group smbstaff which I have also mapped. However every object I create on XP on the CIFS server ends up with an additional ACL for an ephemeral group which when viewed on XP is the "SYSTEM" group: 

v-ss7410b-gmp03# idmap list
add     "winuser:cjg.uk.sun.com\\cjg"    unixuser:cg13442
add     "wingroup:cjg.uk.sun.com\\smbstaff"    unixgroup:staff
add -d    "wingroup:*\\SYSTEM"    unixgroup:sys
v-ss7410b-gmp03# ls -dv My*
d---------+  4 cg13442  staff          5 Nov 11 12:42 My Documents
     0:user:cg13442:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /write_acl/write_owner/synchronize:allow
     1:group:2147483648:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /write_acl/write_owner/synchronize:allow
v-ss7410b-gmp03#

This in turn prevents me from listing the file over NFS:

: v4v-machine-a11-gmp03.eu TS 51 $; ls -l
ls: can't read ACL on ./My Documents: Not owner
ls: can't read ACL on ./xp.txt: Not owner
total 12
d---------  0 root     root           5 Jan  1  1970
----------  0 root     root           0 Jan  1  1970
-rw-r-----   1 cg13442  staff          5 Nov 10 16:25 nfs
----------+  1 cg13442  staff          6 Nov 10 17:49 smb.txt
-rw-r-----   1 cg13442  root          13 Nov 10 16:50 zfs.txt
: v4v-machine-a11-gmp03.eu TS 52 $; ls
My Documents  nfs           smb.txt       xp.txt        zfs.txt
: v4v-machine-a11-gmp03.eu TS 53 $;


Thanks




--
Andrew Watkins * Birkbeck College
http://notallmicrosoft.blogspot.com/
_______________________________________________
cifs-discuss mailing list
cifs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss

Reply via email to