[OpenIndiana-discuss] OI_151a4, ZFS, CIFS - Managaging ACLs from Windows
Gordon Ross
gordon.w.ross at gmail.com
Wed May 30 15:50:01 UTC 2012
On Wed, May 30, 2012 at 6:00 AM, <ths.mailaddr at yahoo.com> wrote:
> Hello Gordon,
>
> thanks for your reply, but this isnt my problem. My users have the necessary rights. I have no
> Everyone ACL, but can create/delete files and folders and modify every single right in all existing
>
> ACLs. Since i have used inheritance, i even get a "new" ACL placed in front of all existing ACLs
>
> if i try to deny a right that is inherited. If i create a new file/folder and check the owner from
> windows (properties->security->extended security->owner), it show the "right" local oi-user.
>
> But - I cannot add a new ACL for a new user because the username didnt get resolved. Even the
>
> user that windows shows as ower cannot be found. Also users you get listed in the extended user
>
> selection dialog, cannot be used. If you select one and try to confirm it, you get "Object not found"
Oh, that. Yeah, the representation of users in workgroup mode is currently...
unfortunate. You have to figure out the machine SID for that user using:
idmap show uid:U
where U is the numeric user ID.
Then use that SID in the ACL editor.
Or on the server, use chmod A+... and that UID.
This is an area that could use improvement.
We plan to work on this, but it will be a while.
--
Gordon Ross <gwr at nexenta.com>
Nexenta Systems, Inc. www.nexenta.com
Enterprise class storage for everyone
More information about the OpenIndiana-discuss
mailing list