Problem with nt acl
Matthieu Patou
mat at matws.net
Thu Mar 11 16:26:11 MST 2010
On 11/03/2010 17:59, Anton Löthman wrote:
> So i have some problem with the acl and permissons in s4 shares against windows computers.
> I have created some AD users,
> here is part of what show when typing getent passwd
>
> hund:*:3000024:100::/home/LOCAL/hund:/bin/false
> katt:*:3000025:100::/home/LOCAL/katt:/bin/false
> hare:*:3000026:100::/home/LOCAL/hare:/bin/false
>
> the share in smb.conf looks like this:
>
> [djur]
> path = /home/stall
> read only = no
>
> ls -l in /home/stall looks like this
>
> drwxr-xr-x 3 hund users 4096 Mar 11 15:40 hund
> drwxr-xr-x 3 katt users 4096 Mar 11 15:09 katt
> drwxr-xr-x 3 hare users 4096 Mar 11 15:09 hare
>
> but, if log onto the AD with ex hund, i can still write in katts directory
>
Although it's not the reason of the pb can we have the acl of the folder
(in sddl format, change the SID of your domain by SID).
I'm pretty sure that the windows ACL didn't deny write on the folder
(but the posix should ...).
Matthieu.
More information about the samba-technical
mailing list