[Samba] "--use-xattrs=yes" after domain provision (samba4)?
Rowland Penny
rowlandpenny at googlemail.com
Sat May 10 03:53:17 MDT 2014
On 10/05/14 10:27, John Westerlund wrote:
> Hi Andrew and tanks for your time,
>
> samba-tool domain provision --domain=DOMAIN --adminpass=secret \
> --dns-backend=SAMBA_INTERNAL --server-role=dc --realm=ad.domain.como
>
> After provision i followed this guide to get "--use-rfc2307"
>
> https://lists.samba.org/archive/samba/2013-November/177087.html
>
> And then i raised the domain/function level to 2008_r2 manual.
>
>
> Here is my smb.conf
>
> #smb.conf
> # Global parameters
> [global]
> workgroup = DOMAIN
> realm = ad.domain.com
> netbios name = DC01
> interfaces = 192.168.100.100
> dns forwarder = 192.168.100.20
> allow dns updates = nonsecure and secure
> server role = active directory domain controller
> idmap_ldb:use rfc2307 = yes
> # debug level = 5
> [netlogon]
> path = /var/lib/samba/sysvol/ad.domain.com/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
>
>
> ----- Ursprungligt meddelande -----
> Från: "Andrew Bartlett" <abartlet at samba.org>
> Till: "John Westerlund" <john at iniq.se>
> Kopia: samba at lists.samba.org
> Skickat: lördag, 10 maj 2014 9:40:26
> Ämne: Re: [Samba] "--use-xattrs=yes" after domain provision (samba4)?
>
> On Sat, 2014-05-10 at 00:05 +0200, John Westerlund wrote:
>> Hi all! Anyone know how to tell samba4 to use "--use-xattrs=yes" after domain provision, i have a lot of users so i cannot recreate the domain from scratch ;(
> What is in your smb.conf?
> does it have an entry for xattr_tdb:file or posix:eadb?
> What provision command line did you run?
>
> On a correctly configured system, we use xattrs and posix ACLs by
> default, so first check you really are using something else before you
> start worrying.
>
> Then, if you really are using emulated xattrs, just remove
> xattr_tdb:file or posix:eadb and run 'samba-tool ntacl sysvolreset'.
>
> I hope this helps,
>
> Andrew Bartlett
>
Hi, I take it that you want to use RFC2307 attributes ? if so, then
probably the best way to add them is via ADUC on a windows machine.
Rowland
More information about the samba
mailing list