[Samba] Help on ACLs and samba

Noel Kelly nkelly at citrusnetworks.net
Fri Nov 15 08:50:01 GMT 2002


To use ACLs you will need an ACL-enabled kernel/filesystem and build Samba
on top of this.  Some distros like Mandrake now come with ACLs built in.
Otherwise you will need to patch your kernel.

However, if your current shares are done with whole groups then you probably
don't need ACLs and can simply use the security in Samba using parameters
like 'valid users=', 'write list=', 'read list=', 'force group=' etc.  Much
simpler from both an administration and setup point of view.

There is no way to transfer your NT ACLs to Samba automatically (same as if
you transferred stuff between any two volumes - you will always lose the
ACLs).

I don't think there is a way of grabbing the whole SAM database
automatically from an existing NT domain in Samba 2.2.6 (there is something
like this in 3.0 i believe?).   You will need to create each user in your
Samba PDC manually but if you have a large number then you could use
winbindd to get a text listing of the users on the current domain and then
use a script to create each of them on the Samba PDC.

HTH,
Noel



-----Original Message-----
From: Adrian Chow Seng Yien [mailto:chowadrian at icr.a-star.edu.sg]
Sent: 15 November 2002 02:16
To: samba at lists.samba.org
Subject: [Samba] Help on ACLs and samba


Hi,

Firstly I want to declare I am a newbie to Samba.  I am installing samba
over Redhat 8.0

I need to know whether Samba can replace my NT4 PDC in the following aspects
and how to do it:-
1.  ACLs.  Must i create the every user name in Samba as in the NT4 PDC?
How do I create groups like "Protocol Stack" with space in between the
groupname?  (Making sure that the ACls are mapped properly when transfering
files over to Linux Samba)
2.  If I were to transfer files from the NT4 PDC to Linux Samba, can I
retains the ACLs being set on NT4?  How must I do to ensure the ACls are
retained?  (Similar to question 1)
3.  Is there any method to transfer the SAM over without creating every user
and group all over again?

FYi, my PDC is doing file sharing only with permissions set for different
groups in different levels of the directories.   I am going to remove the
NT4 server and use Samba ultimately.

If cannot answer in 1 email, please refer me to the right documentation to
do so.

Thanks.

newbie adrian

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.410 / Virus Database: 231 - Release Date: 31/10/2002
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.410 / Virus Database: 231 - Release Date: 31/10/2002
 



More information about the samba mailing list