I run Solaris 11 Express, successfully joined an AD domain with "smbadm join" and with a proper Kerberos config like [1]. Can anybody tell me why files created by these users locally (on Solaris itself, not through CIFS!) end up with the ownership of 'nobody'?
# id uid=0(root) gid=0(root) # su - myu...@example.com su: No directory! Using home=/ $ id uid=2147491842(myu...@example.com) gid=2147483650(Domain us...@example.com) $ touch /tmp/test $ ls -l /tmp/test -rw-r--r-- 1 nobody nobody 0 Aug 24 14:28 /tmp/test It doesn't even involve CIFS and the typical id mapping complexity... Is the system treating the ephemeral IDs of domain users as a special case and converting them to 'nobody'? My idmap policy is pretty standard: it is just used to map a few domain users who have local unix accounts by the same name: # idmap list add wingroup:*@example.com unixgroup:* add winuser:*@example.com unixuser:* The most puzzling thing is that this Solaris server is also serving a share using native CIFS support (zfs set sharesmb=on xxx), and ownership of files created by remote users through CIFS is perfectly correct. I only encounter this problem when creating files locally (I was hoping to give my users SSH access to allow manipulating the files locally...) [1] http://notallmicrosoft.blogspot.com/2010/11/interoperability-between-windows-and.html -- This message posted from opensolaris.org _______________________________________________ cifs-discuss mailing list cifs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/cifs-discuss