[prev in list] [next in list] [prev in thread] [next in thread]
List: sssd-users
Subject: =?utf-8?q?=5BSSSD-users=5D?= Re: Setting ACLs through Samba from Windows?
From: Omen Wild <omen () ucdavis ! edu>
Date: 2017-02-28 18:40:03
Message-ID: 20170228184003.4xdwsf2b62mljfjr () descolada ! ucdavis ! edu
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
eQuoting Sumit Bose <sbose@redhat.com> on Tue, Feb 28 10:00:
>
> Thank you for the logs. There is an issue in the logs related to mapping
> the root user. Are you trying to modify ACL for the root user or for
> some other user?
>
> If it is about the root user then this behaviour is kind of expected
> because SSSD does not handle the root user when it comes to nss and PAM
> and this is inherited to the SID mapping code as well.
Some other user. I login to a Windows box with my admin account (in the
OU child domain) which is a member of the group that owns the folder
(OU\metro-us-admins).
The directory I was trying to add permissions to was owned by root (see
getfacl output below). I tried changing the owner of the folder to my
active directory user (omen@ad3.ucdavis.edu), but it did not change the
behavior, ACLs added in Windows still disappear when Apply is clicked.
The weird part is that Windows did automatically add CREATOR OWNER and
CREATOR GROUP ACLs successfully.
Thanks for the suggestions. I'll keep poking from my end.
root@phys-adtest:/storage# getfacl metro-us-admins/
# file: metro-us-admins/
# owner: root
# group: metro-us-admins@ou.ad3.ucdavis.edu
user::rwx
group::rwx
group:metro-us-admins@ou.ad3.ucdavis.edu:rwx
mask::rwx
other::rwx
default:user::rwx
default:group::rwx
default:group:metro-us-admins@ou.ad3.ucdavis.edu:rwx
default:mask::rwx
default:other::---
--
Omen Wild
Systems Administrator
Metro Cluster
["smime.p7s" (application/x-pkcs7-signature)]
[Attachment #6 (text/plain)]
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic