NamoMitK
Dabbler
- Joined
- Sep 3, 2015
- Messages
- 28
I have a standalone Samba server with Windows ACLs.
During share creation: owner is myself and the group is cifsusers. Running getfacl shows everything as correct.
I fired up my Windows client computer and logged in as myself. I've opened the share and; right-click-properties-Security.
Under the group or usernames field I see:
myserver\root
myserver\myself
Everyone
I've removed everyone and it all works fine. But I'm trying to figure out why cifsusers is resolving to root. I've confirmed that this is the case by selecting; Edit-Add-Advanced -- Selecting Find Now-Select cifsusers-OK.
It immediately resolves to myserver\root. I have another group called cifsadmins. If I follow the above steps it adds cifsadmins correctly. On another share the owner is myself and group is cifsadmins. This all works and looks as expected. I get the same behavior if I try to add cifsusers to this share (resolves to myserver\root).
The GID for cifsusers is 1001 and cifsadmins is 1002. These are the only two groups I've created.
I have several users who belong to cifsadmins and several that belong to cifsusers. When files are created by them, the permissions show up correctly with 'ls' on the server and the fact that they can even write to this share via Windows makes me think it is simply a SID/GID mapping type issue. (I'm still learning)
I'm guessing I might fix this by deleting cifsusers and creating it with another GID. Somehow it's clashing with the root GID/SID which is 0??
Any thoughts? Things I should clarify (I can be a bit scattered when I write)?
During share creation: owner is myself and the group is cifsusers. Running getfacl shows everything as correct.
I fired up my Windows client computer and logged in as myself. I've opened the share and; right-click-properties-Security.
Under the group or usernames field I see:
myserver\root
myserver\myself
Everyone
I've removed everyone and it all works fine. But I'm trying to figure out why cifsusers is resolving to root. I've confirmed that this is the case by selecting; Edit-Add-Advanced -- Selecting Find Now-Select cifsusers-OK.
It immediately resolves to myserver\root. I have another group called cifsadmins. If I follow the above steps it adds cifsadmins correctly. On another share the owner is myself and group is cifsadmins. This all works and looks as expected. I get the same behavior if I try to add cifsusers to this share (resolves to myserver\root).
The GID for cifsusers is 1001 and cifsadmins is 1002. These are the only two groups I've created.
I have several users who belong to cifsadmins and several that belong to cifsusers. When files are created by them, the permissions show up correctly with 'ls' on the server and the fact that they can even write to this share via Windows makes me think it is simply a SID/GID mapping type issue. (I'm still learning)
I'm guessing I might fix this by deleting cifsusers and creating it with another GID. Somehow it's clashing with the root GID/SID which is 0??
Any thoughts? Things I should clarify (I can be a bit scattered when I write)?