svn commit: samba-docs r457 - in trunk/Samba-HOWTO-Collection: .
jht at samba.org
jht at samba.org
Thu Mar 31 17:40:59 GMT 2005
Author: jht
Date: 2005-03-31 17:40:58 +0000 (Thu, 31 Mar 2005)
New Revision: 457
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=457
Log:
Fix missing LDAP server password problem.
Modified:
trunk/Samba-HOWTO-Collection/AccessControls.xml
trunk/Samba-HOWTO-Collection/IDMAP.xml
Changeset:
Modified: trunk/Samba-HOWTO-Collection/AccessControls.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/AccessControls.xml 2005-03-30 15:11:31 UTC (rev 456)
+++ trunk/Samba-HOWTO-Collection/AccessControls.xml 2005-03-31 17:40:58 UTC (rev 457)
@@ -1279,6 +1279,8 @@
<para>
Microsoft Windows NT4/200X ACLs must of necessity be mapped to POSIX ACLs.
The mappings for file permissions are shown in <link linkend="fdsacls"/>.
+ The '#' character means this flag is set only when the Windows administrator
+ sets the <constant>Full Control</constant> flag on the file.
</para>
<table frame='all' pgwide='0' id="fdsacls"><title>How Windows File ACLs Map to UNIX POSIX File ACLs</title>
@@ -1287,7 +1289,7 @@
<colspec align="center"/>
<thead>
<row>
- <entry align="center">Windows ACE</entry>
+ <entry align="left">Windows ACE</entry>
<entry align="center">File Attribute Flag</entry>
</row>
</thead>
@@ -1358,6 +1360,19 @@
that is intended by the Administrator.
</para>
+ <para>
+ In general the mapping of UNIX POSIX user/group/other permissions will be mapped to
+ Windows ALCs. This has precidence over the creation of POSIX ACLs. POSIX ACLs are necessary
+ to establish access controls for users and groups other than the user and group that
+ own the file or directory.
+ </para>
+
+ <para>
+ The UNIX administrator can set any directory permission from within the UNIX environment.
+ The Windows administrator is more restricted in that it is not possible from within the
+ Windows Explorer to remove read permission for the file owner.
+ </para>
+
</sect3>
<sect3>
@@ -1369,6 +1384,12 @@
an Access Control List (ACL), are mapped to Windows directory ACLs.
</para>
+ <para>
+ Directory permissions function in much the same way as shown for file permissions, but
+ there are some notable exceptions and a few peculiarities that the astute administrator
+ will want to take into account in the setting up of directory permissions.
+ </para>
+
</sect3>
</sect2>
Modified: trunk/Samba-HOWTO-Collection/IDMAP.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/IDMAP.xml 2005-03-30 15:11:31 UTC (rev 456)
+++ trunk/Samba-HOWTO-Collection/IDMAP.xml 2005-03-31 17:40:58 UTC (rev 457)
@@ -868,6 +868,13 @@
</para></step>
<step><para>
+ Store the LDAP server access password in the Samba <filename>secrets.tdb</filename> file as follows:
+<screen>
+&rootprompt; smbpasswd -w not24get
+</screen>
+ </para></step>
+
+ <step><para>
Start the <command>nmbd, winbind,</command> and <command>smbd</command> daemons in the order shown.
</para></step>
</procedure>
More information about the samba-cvs
mailing list