Samba using Server 2k3 DC for auth and ACL permissions
Blotto
pete at wenco.com.au
Mon Jul 27 01:43:05 MDT 2009
Hi,
i have a samba server setup on debian to use a server 2k3 AD for auth.
This works perfectly fine
what doesnt work, is ACL permissions.
I have the drives mounted as acl, acl is settable and readable on both
windows and debian;
# getfacl web/
# file: web/
# owner: root
# group: root
user::rwx
user:600:rwx
user:602:r-x
group::r-x
group:605:rwx
mask::rwx
other::---
default:user::rwx
default:user:600:rwx
default:user:602:r-x
default:group::r-x
default:group:605:rwx
default:mask::rwx
default:other::---
These values were set using the permissions editor in windows
the problem i have is that the permissions do nothing
if i set a users from the domain to have full control of a folder, they
still cant access it, only users listed in the smb.conf file for that share
have access regardless of the acl permissions set, so im thinking im missing
something config wise
smb.conf
[global]
security = ADS
encrypt passwords = yes
wins support = yes
workgroup = MY
realm = MY.DOMAIN
winbind enum users = Yes
winbind enum groups = Yes
winbind separator = +
idmap uid = 10000-30000
idmap gid = 10000-30000
template shell = /bin/bash
log level = 3
log file = /var/log/samba.log
password server = wencodc
map acl inherit = yes
acl group inherit = yes
acls group control = yes
[Admin]
path = /media/Shared/
read only = no
create mode = 0700
directory mode = 0700
nt acl support = yes
acl map full control = yes
admin users = @MY+fileserveradmin
valid users = @"MY+Domain Users"
browseable = true
Any help greatly appreciated, ive exhausted google on this to no avail.
-Pete
--
View this message in context: http://www.nabble.com/Samba-using-Server-2k3-DC-for-auth-and-ACL-permissions-tp24675030p24675030.html
Sent from the Samba - samba-technical mailing list archive at Nabble.com.
More information about the samba-technical
mailing list