[Samba] SGI XFS 1.0.2a, ACLs and samba 2.2.3a with win2k perms

sven sven svenv999 at hotmail.com
Mon Mar 4 21:21:08 GMT 2002 

You can use win2k to set permissions on SGI's XFS too. But I haven't been 
able to assign permissions to other win2k domain users on a samba share. 
With:
security = server
My Win2k domain users can access the samba share, set permissions that 
affect the underlying unix permissions(UGO), but cannot assign another 
domain groups/users to the file/folder.

Is this something you can do with the 2.4.17 kernel?

>From: Kevin Pate <kevin at pateconsulting.com>
>To: sven sven <svenv999 at hotmail.com>
>CC: samba at samba.org
>Subject: Re: [Samba] SGI XFS 1.0.2a, ACLs and samba 2.2.3a with win2k perms
>Date: 04 Mar 2002 22:02:50 -0600
>
>I'm not sure if it will work with SGI's XFS, but I just installed a new
>2.4.17 linux kernel with ACL support and it works with Windows 2000!!!
>I can set permissions on folders from a Windows 2000 computer.  The link
>to the kernel patches (they may have some SGI stuff) is
>acl.bestbits.at.  Samba must be compiled --with-acl-support.  Good
>luck!!
>
>Kevin Pate
>RHCE
>Pate Consulting
>kevin at pateconsulting.com
>
>On Mon, 2002-03-04 at 20:28, sven sven wrote:
>
>     Hi,
>
>     I haven't been able to find any doco that explicity states whether it 
>is
>     supported, so I am hoping someone out there can answer the following
>     questions:
>
>     Is it possible for a folder/file in a samba share to have win2k 
>security
>     permissions assigned to it? For example, I want my samba server to
>     participate in an existing Win2k domain. I want users to be able to 
>set
>     their own permissions for other domain users/groups for files/folders 
>they
>     own.
>     Do I have to use smbcacls to facilitate this?
>     Do I have to use winbindd to facilitate this?
>
>     Some of my smb.conf settings are as follows:
>     [global]
>     workgroup=TESTZONE
>     security = domain
>     password server = test3
>     nt acl support = yes
>
>     [downloads]
>        path = /xfs/downloads
>        public = yes
>        only guest = no
>        writable = yes
>        printable = no
>        write list = @quota_users
>
>     The samba box is running RH7.2, samba 2.2.3a and is using the SGI XFS
>     filesystem (1.0.2a).
>
>     The downloads samba share is residing on an XFS file system that 
>supports
>     acl's. The pc is a member of the domain (smbpasswd -j ...). Domain 
>users
>     that have an account on this machine and are a member of quota_users 
>can
>     have access to the samba share.
>
>     Whenever I try to assign permissions for a domain user 
>TESTZONE\f_flintstone
>     i get:
>
>     create_canon_ace_lists: unable to map SID
>     S-1-5-21-606747145-813497703-1202660629-1110 to uid or gid.
>
>     I have tried both the rpm version and a compiled 2.2.3a version (with
>     --acl-support).
>
>     TIA
>
>
>     _________________________________________________________________
>     MSN Photos is the easiest way to share and print your photos:
>     http://photos.msn.com/support/worldwide.aspx
>
>
>     --
>     To unsubscribe from this list go to the following URL and read the
>     instructions:  http://lists.samba.org/mailman/listinfo/samba
>
>


_________________________________________________________________
Join the world’s largest e-mail service with MSN Hotmail. 
http://www.hotmail.com

More information about the samba mailing list