summaryrefslogtreecommitdiff
path: root/docs-xml/smbdotconf/security/forceunknownacluser.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs-xml/smbdotconf/security/forceunknownacluser.xml')
-rw-r--r--docs-xml/smbdotconf/security/forceunknownacluser.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/forceunknownacluser.xml b/docs-xml/smbdotconf/security/forceunknownacluser.xml
new file mode 100644
index 0000000000..4c0949f052
--- /dev/null
+++ b/docs-xml/smbdotconf/security/forceunknownacluser.xml
@@ -0,0 +1,27 @@
+<samba:parameter name="force unknown acl user"
+ context="S"
+ type="boolean"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+
+<description>
+ <para>
+ If this parameter is set, a Windows NT ACL that contains an unknown SID (security descriptor, or
+ representation of a user or group id) as the owner or group owner of the file will be silently
+ mapped into the current UNIX uid or gid of the currently connected user.
+ </para>
+
+ <para>
+ This is designed to allow Windows NT clients to copy files and folders containing ACLs that were
+ created locally on the client machine and contain users local to that machine only (no domain
+ users) to be copied to a Samba server (usually with XCOPY /O) and have the unknown userid and
+ groupid of the file owner map to the current connected user. This can only be fixed correctly
+ when winbindd allows arbitrary mapping from any Windows NT SID to a UNIX uid or gid.
+ </para>
+
+ <para>
+ Try using this parameter when XCOPY /O gives an ACCESS_DENIED error.
+ </para>
+</description>
+
+<value type="default">no</value>
+</samba:parameter>
generated by cgit (git 2.34.1) at 2024-06-28 23:57:31 +0000