Given:

SLES 11 SP1 with SAMBA/Winbind joined to Active Directory "AD" using AD Role Groups in ACLs on ext3 Filesystem

Im playing around with Linux Filesystem ACLs on a ext3 FS but using Active Directory (AD-)Users and AD-Groups for access controll to files and folders, thanks to winbind this is.

While i have to use "setfacl" just the way its been described in the man page using properly formed "AD\adgroupname" and "AD\adusername" syntax, the "getfacl" however returns ALWAYS something strange i was not able to find something matching on the internet nor the man page nor the suse manuals.

See this output :

Code:
hostname:/tmp # getfacl -p /data1/testing-acls/

# file: /data1/testing-acls/
# owner: root
# group: root
user::rwx
user:someLocalLinuxUserName:rwx
user:AD\134someAdUserName:rwx
group::rwx
group:AD\134rol-grp-access-control-rw:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:AD\134rol-grp-access-control-rw:rwx
default:mask::rwx
default:other::---

hostname:/tmp #
As you can see, local Linux-Users and Groups (not shown here but been tested) will be shown correctly and as expected. AD Users and AD Groups however contain some strange "number" after the Domain Prefix and the before the AD-Group- or AD-Username.

Anyone here KNOWS what this is and why its there?

i compared this to some ancient debian 5 installation that we had laying around. NOT joined to an AD but also runs some old SAMBA as a primary domain controller. There it seems its pretty much the same. Whenever some "windows user" or "windows group" has been written to the filesystem ACL the getfacl reports that strange number in between.