[Samba] using AD groups in "username map"
Rowland Penny
rpenny at samba.org
Wed Feb 21 09:08:37 UTC 2018
On Wed, 21 Feb 2018 09:54:08 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
> > getfacl: Removing leading '/' from absolute path names
> > # file: home/testdata
> > # owner: root
> > # group: unix\040admins
> > user::rwx
> > user:root:rwx
> > user:rowland:r-x
> > group::---
> > group:root:---
> > group:2004:r-x
> > group:2005:rwx
> > group:unix\040admins:---
>
> The dir? AFAIK group permission in ACL are an implicit mask on ACL, eg
> if dir had 700, no (POSIX) ACL are taken into account.
>
I thought something similar as well, but I was logged into a win7
machine as 'rowland', who is a member of 'Unix Admins' and couldn't
add a user permissions to the share. Using getfacl to change
'group:unix\040admins:---' to 'group:unix\040admins:rwx' allowed me to
add user permissions.
Rowland
More information about the samba
mailing list