Linux "NT" fileserver to interact with an NT PDC (including A
CL a nd group permissions)
Mayers, P J
p.mayers at ic.ac.uk
Thu Nov 18 13:27:15 GMT 1999
No, this isn't possible. You might want to investigate the ext2 ACL patch
(http://major.rithus.co.at/acl/), which would allow you to set more than
(owner,group.other) triples. Samba doesn't yet (I think) support this, so
you can't change the ACLs with (say) Explorer, but I think Jeremy Allison
was working on it.
> -----Original Message-----
> From: Paul Rogers [SMTP:paul.rogers at mis-cds.com]
> Sent: Wednesday, November 17, 1999 9:01 PM
> To: Multiple recipients of list SAMBA-NTDOM
> Subject: Linux "NT" fileserver to interact with an NT PDC (including
> ACL a nd group permissions)
> I've been using samba for ages now on my workstation to interact with our
> network. I rather foolishly suggested that we should have a Linux
> with a RAID-5 system, instead of the NT PDC because it is starting to
> overworked (ahhhh Windows can't cope - again!). I've setup Samba 2.0.3
> correctly to authenticate with our NT PDC on my workstation and all is
> hunky-dory until someone mentioned about NT's ACLs and Group permissions.
> is required by the powers above me that any Group Permissions setup on the
> NT PDC are adhered to by the fileserver (in this case to be a Linux box
> running samba).
> Now this is the crunch bit (because the solution may or may not have
> appeared on this list before - I apologise if this is a repeated
> If I have an NT fileserver and a Linux fileserver (running SMB), I setup a
> folder within a share that is created on both machines. Within this folder
> place three files (on to both the NT and Linux server). On the NT
> fileserver, I can change the permissions by changing what groups/users
> Read, Change, etc... control in the Permissions tab in the Properties
> (right click on the file). Also I can change Group membership on the NT
> and the NT server will follow what the Group lists say on the NT PDC. Can
> do the same with the Linux fileserver (i.e. changing the permissions on
> file so that they are different - i.e. varying groups have varied degrees
> access to the files).
> Group called Sales which has user1 and user2 belonging to it
> Group called Tech which has user3 and user4 belonging to it
> Home directories shared as \\testbox\home from C:\HOME
> Directory called products - C:\HOME\products (\\testbox\home\products)
> Under NT I can modify the permissions on the products directory to be
> readable by the group Tech and read-write access to the group Sales.
> Therefore everyone else has no access to this directory.
> Home directories shared as \\testbox2\home from /home
> Directory called products - /home/products (\\testbox2\home\products)
> Under Linux how would I setup samba to have multiple permissions setup
> multiple groups, because under linux, you can have users belonging to
> multiple groups, but files / directories can only be owned by one group.
> products directory would belong to the group Sales hence owned by
> user1.Sales and the permissions in octal would be 770 disallowing access
> from everyone. But this will not allow for the technical group to have
> read-only access
> Is it possible for a samba share on linux to be able to use the NT
> Groups/Permissions setup on the PDC?
> You're confused aren't you? - I know I am!
> Paul Rogers,
> Development Analyst.
> For and on behalf of MIS Corporate Defence Solutions Limited
> Tel: 44 (0)1622 723400 Switchboard
> 44 (0)1622 723422 Direct Line
> Fax: 44 (0)1622 728690
> e-mail : paul.rogers at mis-cds.com <mailto:paul.rogers at mis-cds.com>
> web site : <http://www.mis-cds.com>
> The information contained in this message or any of its attachments may be
> privileged and confidential and intended for the exclusive use of the
> addressee. If you are not the addressee any disclosure, reproduction,
> distribution or other dissemination or use of this communications is
> strictly prohibited. If you have received this transmission in error,
> contact our Security Manager on 44 (0) 1622 723400.
More information about the samba-ntdom