[OpenIndiana-discuss] Windows ACL issue with CIFS
Joe Porter
jporter at petroliance.com
Mon Mar 28 13:39:57 UTC 2011
Any further thoughts on this?
------------------------------
Message: 8
Date: Tue, 22 Mar 2011 18:30:13 -0400
From: Gordon Ross <gordon.w.ross at gmail.com>
To: Discussion list for OpenIndiana
<openindiana-discuss at openindiana.org>
Subject: Re: [OpenIndiana-discuss] Windows ACL issue with CIFS
Message-ID:
<AANLkTikHeb62n1ym7VxrOOKnVFj2=uWgh0Ug+Hi=EUo5 at
mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
2011/3/22 Joe Porter <jporter at petroliance.com>:
> Hello all,
>
> I've installed a testbed OpenIndiana (SunOS openindiana 5.11 oi_147
> i86pc i386 i86pc) test box, and I'm trying to set up the CIFS so I can
> dump some backup files onto it using robocopy.
>
> I'm having the same issues as http://mail.opensolaris.org/pipermail/c
> ... 01908.html
>
<http://mail.opensolaris.org/pipermail/cifs-discuss/2009-June/001908.htm
> l>
>
> And http://opensolaris.org/jive/thread.jspa ... eID=295565
> <http://opensolaris.org/jive/thread.jspa?messageID=295565>
>
> Here is my CIFS folder:
>
> basic unix and acl folder permissions /test/share: (set other acl's
from
> your windows computer)
> drwxrwxrwx+ 4 root root 4 Mar 11 11:58 /test/share
> user:root:full_set:fd-----:allow
> group:2147483671:full_set:fd-----:allow
> everyone@:modify_set:fd-----:allow
>
> I connected to the device thru Windows MMC and set full Domain Admins
> rights on the Share and Security tabs of the share.
>
> your current mappings: idmap list
> add winuser:administrator at petroliance.local unixuser:root
> add winuser:*@petroliance.local unixuser:*
> add wingroup:*@petroliance.local unixgroup:*
>
> So, I removed and re-created the file sahre:
>
> chmod 777 /fstest
> chmod A=everyone@:rwxpdDaARWcCos:fd:allow /pool/fstest
>
> Now we have :
>
> drwxrwxrwx+ 3 root root 3 Mar 17 07:42 /test/fstest
> group:2147483650:full_set:fd-----:allow
> everyone@:full_set:fd-----:allow
> group:2147483670:full_set:fd-----:allow
>
>
> Running a CIFS dtrace:
[...]
Is "unresolvable SID mapping" enabled? Check with:
svccfg -s idmap listprop config/unresolvable_sid_mapping
and if it's not set, set it with:
svccfg -s idmap setprop config/unresolvable_sid_mapping = boolean: true
svcadm refresh idmap
If that that, perhaps another idmap problem...
More information about the OpenIndiana-discuss
mailing list