[ANNOUNCE] Samba 4.0 beta5

Scott Jordahl scott at jordahl.com
Wed Aug 1 16:49:51 MDT 2012


I'm a little confused on this whole ACL and s3fs file system issue.

 >  Modifying of group policies by members of the Domain Administrators
 >  group is not possible with the s3fs file server, only with the ntvfs
 >  file server.  This is due to the underlying POSIX ACL not being set
 >  at provision time.

I have a production site that's running and now using s3fs. I elected to 
create a whole new, clean domain using beta4 (they had a Win2k3 domain). 
There's only 15 users/computers, so it wasn't too hard to re-create. The 
server was previously acting as a file server, running Samba3 and acting 
as a member server to the older Win2k3 AD domain (The samba server, 
BTW,  is Ubuntu 10.04 LTS x64)..

To enable GPOs, is there a way to use setfacl set the necessary ACL 
default values after the provisioning? If so, what ACLs need to be set? 
Do you set ACLs on all files/directories in the file shares or just the 
ones in SYSVOL? It's also a little confusing on how Windows ACLs map to 
Posix ACLs. What ACL values need to be set? I need to clean up file 
access as the files/folders still hold old S3 IDMAP entries.

-- Scott




More information about the samba-technical mailing list