Another ACL question :-)
matthew at arts.usyd.edu.au
Wed Jul 18 05:35:18 GMT 2001
2.2.1a on a Linux 2.4.7pre6-XFS system
The machine is NOT the domain controler. The client is Win2k (no
I have 'security = domain' in th smbd conf. I can connect with
security=server as well. The 'PDC' is a samba 2.2.0 machine.
From the windows security dialog - I cannot add ACLs for users of the
domain. If I have security=server, windows shows the current 'ACL' for
the file, but when you try to add one, a message appears that it cannot
tell if my test server is in the domain.
With security=domain it gets further, allowing me to select a user
(from the smbpasswd file - not all our users are in it on the 'PDC'), I
get to edit what arributes they have, but when I OK that selection, it
is not saved, only the orginal list (user, group, other) are shown.
While the test server is not the PDC it does have a copy of the password
file from the 'PDC' on it.
If I use chacl to add another user ACL to the file, windows does
display this fact (as a user of the server not the domain). I can add or
substract various attributes for this user.
If I used the windows dialog and select the server for the list of
names to add, it only shows groups. No users are listed. (I just copied
smbpasswd of my 'PDC' and it now lets me add users that are in
chacl lists the added users and groups as I expect.
I actually have no need for ACLs from samba. This is just for my own
Matthew Geier matthew at arts.usyd.edu.au
Arts IT Unit +61 2 9351 4713
More information about the samba-technical