Hello Remove This Record and problem solved without add "server services = +smb -s3fs " and " dcerpc endpoint servers = +winreg +srvsvc" to smb.conf
idmap.ldb: dn: CN=S-1-5-32-544 cn: S-1-5-32-544 objectClass: sidMap objectSid: S-1-5-32-544 type: ID_TYPE_GID xidNumber: 10 distinguishedName: CN=S-1-5-32-544** *Note: BUG : Upgrade To samba rc4 and run samba-tool dbcheck but not fix this record ;* On Tue, Oct 16, 2012 at 10:39 AM, Andrew Bartlett <[email protected]>wrote: > On Tue, 2012-10-16 at 13:17 +1100, Andrew Bartlett wrote: > > On Sat, 2012-10-13 at 19:30 +1100, Andrew Bartlett wrote: > > > On Sat, 2012-10-13 at 09:58 +0330, Mohammad Ebrahim Abravi wrote: > > > > Solved > > > > > > > > Thanks a lot > > > > > > Thanks. > > > > > > The root of the issue is this automatically generated entry in your > > > idmap.ldb: > > > > > > # record 12 > > > dn: CN=S-1-5-32-544 > > > cn: S-1-5-32-544 > > > objectClass: sidMap > > > objectSid: S-1-5-32-544 > > > type: ID_TYPE_GID > > > xidNumber: 10 > > > distinguishedName: CN=S-1-5-32-544 > > > > > > > > > What we need to do in your case is to remove that record, so it becomes > > > regenerated as an IDMAP_BOTH. We also need to remove the generation of > > > that record from provision. > > > > > > The issue is that as a GID, you of course can't own a file. The ntvfs > > > file server papered over this issue (didn't deal with file ownership at > > > a unix level), but the smbd file server needs to correctly set posix > > > permissions. > > > > > > I hope this clarifies things. If you can please file a bug, I'll try > > > not to forget this. > > > > The attached patch should prevent this for a new provision. Are you > > able to test if this fixes things for you (on a new test domain?) > > This updated version uses the primary group of root (or the --root user) > rather than hoping that there will be a group by the same name. > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
