Modifications of ACLs via Windows client
bon at teamlog.fr
Mon Dec 3 07:46:03 GMT 2001
I'm trying to implement the XFS ACLs under samba 2.2.2.
I'd compiled a new kernel with xfs support and all the ACL functions
(setfacl, getfacl, etc) works well.
I'd then compiled samba 2.2.2 with the --with-acl option, and it seems to be
happy with that.
Now I'm trying to access the ACLs via windows clients. A client could
modify the access right existing until it correspond to the unix rights, but
when i try to modify others rights, like adding a user or a group in the
ACLs, I got an "Unable to register the autorisation modification on the file
foobar, Access denied" (approximative translation from french).
The rights declared in the ACL are well used because a user that is only
declared in the ACL rights (not the primary(unix) rights) could acces a
specific shared following the ACLs.
My question is, could we change the acl via the security panel of Windows,
and if yes, what could I have done wrong?
Here is my global section of the smb.conf :
workgroup = SMAD02
netbios name = SMAD
security = user
nt acl support = yes
encrypt passwords = Yes
map to guest = Bad User
null passwords = No
log level = 1
log file = /var/log/log.%h
name resolve order = wins lmhosts host bcast
time server = Yes
deadtime = 5
keepalive = 30
socket options = IPTOS_LOWDELAY TCP_NODELAY
domain admin group = samba @adm_info
logon script = %U.bat
logon drive = p:
domain logons = Yes
os level = 64
preferred master = True
domain master = True
wins support = Yes
kernel oplocks = No
admin users = @adm_info
create mask = 0770
directory mask = 0770
More information about the samba-ntdom