[Samba] mapping SID - UID, GID with SFU 3.5
Hello together, I have: gentoo with samba-3.0.24 W2003 AD with SFU 3.5 uid and gid in SFU linux configured to use AD with ldap client for mapping users, groups and authentication winbind not configured. Everyting works fine except ACL in the linux filesystem: I receive this error when I want to add an user access to a file: [2006/10/18 09:38:28, 0] (1399) create_canon_ace_lists: unable to map SID to uid or gid. Is it possible to manage ACL without winbind configured? I have just found some information about using winbind for this one. I have set up an test: smb.conf: [global] log level = 2 dns proxy = no domain master = no preferred master = no workgroup = DOMAIN security = ADS realm = DOMAIN.LOCAL password server = win2003ads.domain.local host msdfs = no idmap backend = ad winbind nss info = sfu #idmap uid = 100-7 #idmap gid = 100-7 winbind trusted domains only = no winbind enum groups = yes winbind enum users = yes winbind separator = + winbind nested groups = yes winbind use default domain = yes With winbind I have the following problem: When I activate idmap uid / gid winbind returns an own uid/gid, not the ADS-stored uid/gid. When I deactivate this option, winbind tells me, that its not possible to convert an S-ID to uid: a.) gentooads ~ # wbinfo -S S-1-5-21-2754069521-2579576118-433682804-1204 100 b.) gentooads ~ # wbinfo -S S-1-5-21-2754069521-2579576118-433682804-1204 Could not convert sid S-1-5-21-2754069521-2579576118-433682804-1204 to uid If winbind is necessary, how can I use the SFU-attributes? Thanks a lot!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] mapping SID - UID, GID with SFU 3.5
I have: linux 2.6.18-1.2200.fc5 samba-3.0.23c-1.fc5 W2000 AD with SFU 3.5 uid and gid in SFU linux configured to use AD with ldap client for mapping users, groups and authentication winbind not configured Everyting works fine except ACL in the linux filesystem: I receive this error when I want to add an user access to a file: [2006/10/18 09:38:28, 0] smbd/posix_acls.c:create_canon_ace_lists(1399) create_canon_ace_lists: unable to map SID S-1-5-21-844969896-4001305145-2275790796-1148 to uid or gid. Is it possible to manage ACL without winbind configured? Thank you. - Notice: The information in this document is confidential and intended solely for the attention and use of the named addressee(s). This information may be subject to legal, professional or other privilege or may otherwise be protected by work product immunity or other legal rules. It must not be disclosed to any person without authorization. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are not authorized to and must not disclose, copy, distribute or retain this message or any part of it. This prohibition, includes, without limitation, displaying this transmission, or any portion thereof, on any public bulletin board. In such case, you should destroy this message and kindly notify the sender. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it. No responsibility is accepted by G.D S.p.A. in the event that the onward transmission or use of this message. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba