[Samba] Profiles XP and Service Pack 1
Andrew Bartlett
abartlet at samba.org
Thu Sep 12 23:05:01 GMT 2002
Hans Wurst wrote:
>
> Hi Trevor, Hi list
>
> the registry patch did not have an influence - neither did changing the
> shares
> ownership from root to a domain admin. Perhaps sombodey can help me with the
>
> comment in the Win2kSP2 readme - Why is "NT ACL support = no" not
> neccessary
> when winbind is used to create users? And again, any further feedback is
> greatly
> appreciated.
The only reason to ever set 'nt acl support = no' is if the SIDs that
Samba returns as owning the files is invalid (to the client). This
occurs on standalone Samba servers, and Samba servers that are members
of a domain but not running Winbind.
So, this setting is not necessary on a Winbind-based installation.
The reason we need this setting at all is because Win2k/WinXP make
additional checks on the files. Furthermore, it appears that WinXP SP1
no longer allows 'no acl support' as a valid option (As win2k SP2 did)
on a profile share - the files *must* be owned by either an
administrator or the user themselves.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list