Share management
Andrew Bartlett
abartlet at pcug.org.au
Mon Jan 14 15:53:15 GMT 2002
Nigel Williams wrote:
>
> Right I see the LANMAN named_pipe calls in reply_trans. I missed them
> earlier, Sorry.
>
> Re shareadd syntax. With my current rpcclient implementation you would use
>
> >sharesetinfo TEST_SHARE 1501 -s
> ACL:NIGEL\\nigel1:ALLOWED/0/FULL,ACL:NIGEL\\nigel2:DENIED/0/WRITE...
>
> to set security on an existing share.
If you have a working rpcclient implementation it is almost trivial to
move it accross to 'net' btw.
> The syntax of the security descriptor is that used with smbcacls which
> allows multiple ACLs. So there
> is no need to perform multiple shareadds.
>
> The client calls implemented are
>
> NetServerDiskEnum
> NetValidateName
> NetShareEnum
> NetShareEnumSticky
> NetShareSetInfo
> NetShareGetInfo
> NetShareAdd
> NetShareDel
> NetShareDelSticky
>
> levels 0,1,2,501,502,1004,1005,1006,1007?,1501 are all available where
> suitable.
>
> N.B. Jeremy did the server-side implementation.
>
> I note your preferences wrt SD manipulation from the net command. They make
> good sense.
>
> I wonder if there is any need to add these RPC client calls to the net
> command if we already have the RAP versions.
Yes. Becouse the real interest is in being the same as NT - so if NT
allows these to be set via RPC, then it would be very handy to be able
to do the same from Samba. In particular it helps in Samba's testing.
> A simple modification to smbcacls would give us all the functionality we
> require.
Great!
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list