Problem with nt acl

Matthieu Patou mat at matws.net
Thu Mar 11 16:26:11 MST 2010


On 11/03/2010 17:59, Anton Löthman wrote:
> So i have some problem with the acl and permissons in s4 shares against windows computers.
> I have created some AD users,
> here is part of what show when typing getent passwd
>
> hund:*:3000024:100::/home/LOCAL/hund:/bin/false
> katt:*:3000025:100::/home/LOCAL/katt:/bin/false
> hare:*:3000026:100::/home/LOCAL/hare:/bin/false
>
> the share in smb.conf looks like this:
>
> [djur]
>         path = /home/stall
>         read only = no
>
> ls -l in /home/stall looks like this
>
> drwxr-xr-x 3 hund users 4096 Mar 11 15:40 hund
> drwxr-xr-x 3 katt     users 4096 Mar 11 15:09 katt
> drwxr-xr-x 3 hare     users 4096 Mar 11 15:09 hare
>
> but, if log onto the AD with ex hund, i can still write in katts directory
>    
Although it's not the reason of the pb can we have the acl of the folder 
(in sddl format, change the SID of your domain by SID).
I'm pretty sure that the windows ACL didn't deny write on the folder 
(but the posix should ...).

Matthieu.


More information about the samba-technical mailing list