svn commit: samba-docs r457 - in trunk/Samba-HOWTO-Collection: .

jht at samba.org jht at samba.org
Thu Mar 31 17:40:59 GMT 2005 

Author: jht
Date: 2005-03-31 17:40:58 +0000 (Thu, 31 Mar 2005)
New Revision: 457

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=457

Log:
Fix missing LDAP server password problem.
Modified:
   trunk/Samba-HOWTO-Collection/AccessControls.xml
   trunk/Samba-HOWTO-Collection/IDMAP.xml


Changeset:
Modified: trunk/Samba-HOWTO-Collection/AccessControls.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/AccessControls.xml	2005-03-30 15:11:31 UTC (rev 456)
+++ trunk/Samba-HOWTO-Collection/AccessControls.xml	2005-03-31 17:40:58 UTC (rev 457)
@@ -1279,6 +1279,8 @@
 	<para>
 	Microsoft Windows NT4/200X ACLs must of necessity be mapped to POSIX ACLs.
 	The mappings for file permissions are shown in <link linkend="fdsacls"/>.
+	The '#' character means this flag is set only when the Windows administrator
+	sets the <constant>Full Control</constant> flag on the file.
 	</para>
 
 	<table frame='all' pgwide='0' id="fdsacls"><title>How Windows File ACLs Map to UNIX POSIX File ACLs</title>
@@ -1287,7 +1289,7 @@
 		<colspec align="center"/>
 		<thead>
 		<row>
-			<entry align="center">Windows ACE</entry>
+			<entry align="left">Windows ACE</entry>
 			<entry align="center">File Attribute Flag</entry>
 		</row>
 		</thead>
@@ -1358,6 +1360,19 @@
 	that is intended by the Administrator.
 	</para>
 
+	<para>
+	In general the mapping of UNIX POSIX user/group/other permissions will be mapped to
+	Windows ALCs. This has precidence over the creation of POSIX ACLs. POSIX ACLs are necessary
+	to establish access controls for users and groups other than the user and group that
+	own the file or directory.
+	</para>
+
+	<para>
+	The UNIX administrator can set any directory permission from within the UNIX environment.
+	The Windows administrator is more restricted in that it is not possible from within the 
+	Windows Explorer to remove read permission for the file owner.
+	</para>
+
 	</sect3>
 
 	<sect3>
@@ -1369,6 +1384,12 @@
 	an Access Control List (ACL), are mapped to Windows directory ACLs.
 	</para>
 
+	<para>
+	Directory permissions function in much the same way as shown for file permissions, but
+	there are some notable exceptions and a few peculiarities that the astute administrator
+	will want to take into account in the setting up of directory permissions.
+	</para>
+
 	</sect3>
 
 	</sect2>

Modified: trunk/Samba-HOWTO-Collection/IDMAP.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/IDMAP.xml	2005-03-30 15:11:31 UTC (rev 456)
+++ trunk/Samba-HOWTO-Collection/IDMAP.xml	2005-03-31 17:40:58 UTC (rev 457)
@@ -868,6 +868,13 @@
 		</para></step>
 
 		<step><para>
+		Store the LDAP server access password in the Samba <filename>secrets.tdb</filename> file as follows:
+<screen>
+&rootprompt; smbpasswd -w not24get
+</screen>
+		</para></step>
+
+		<step><para>
 		Start the <command>nmbd, winbind,</command> and <command>smbd</command> daemons in the order shown.
 		</para></step>
 	</procedure>

More information about the samba-cvs mailing list