Samba4 MMC Write Support
Andrew Bartlett
abartlet at samba.org
Tue Jul 3 02:52:20 GMT 2007
On Tue, 2007-07-03 at 12:21 +1000, tridge at samba.org wrote:
> Andrew,
>
> > [SYSVOL] shouldn't be our private dir, but say /usr/local/samba/sysvol.
>
> actually, I wonder if we shouldn't make [sysvol] point by default into
> one of the standard directories (like where we place our long term tdb
> databases). It should remain fairly small, and is really config
> information, not user data.
We shouldn't expose our tdbs that way, but I think the default provision
should include both shares, with the setup you describe below already
done.
> > Perhaps just check the silly things - do the directories exist, and do
> > you have access?
>
> Here is a (very brief) howto:
>
> 1) you need to create the right directories. Run this command:
>
> ldbsearch -H $PREFIX/private/sam.ldb objectClass=groupPolicyContainer gPCFileSysPath
>
> That will point you at a UNC path with a GUID in it. You can edit
> that path using ldbedit, or create a share to match that path.
>
> Within that path you need to create subdirectories called Machine
> and User.
>
> 2) use gpmc.msc and edit your policies, connected as administrator
>
> 3) use chmod -R to make the files and directories in that share
> accessible for read by everyone. This shouldn't be necessary, and I
> have a pending patch to fix this, but for now you'll need to do it
> by hand.
>
> 4) login from a client, and see that the policies are obeyed. I
> sometimes find it takes 2 logins before they apply on a client. I
> don't know why yet.
>
> Cheers, Tridge
>
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070703/f44f5393/attachment.bin
More information about the samba-technical
mailing list