[Samba] Ext3 ACLS / pdbedit questions
cybre at killcybre.org
Tue Feb 3 20:57:51 GMT 2004
OS: RedHat 9
SMB Ver: 3.0.0(+excel patch)
OpenLDAP Ver: 2.0.27-8 (backend)
I've noticed that when using ext3+acls when viewing permissions from a windows client, there will be two additional attributes, "CREATOR USER" and "CREATOR GROUP". Is this something from the translation between ext3acls -> windows?
Not a big deal, just curious if I'm the only one here, and if xfs does the same thing?
SID->username / groupname is also a bit lagg'ish, but I believe this was fixed in 3.0.1 due to an ldap bind error where when looking up SIDs a bunch of "can only connect to ldap as root" messages were dumped to log. Waiting for 3.0.2 release to upgrade.
And last but not least, pdbedit. Can this only be used to affect the policies for ever user who is a member of the domain, or can it be used per-user? i.e. I have both human users, as well as some service accounts for linux/windows in ldap. Now I'd like for the actual users' passwords to expire after 90 days or so, alternately I'd prefer to not have to worry about the passwords on the service accounts.
Also, is there a way to force password change upon next login? Obviously this is a bad idea if pdbedit can only be used to make policy changes for all users.
Thanks in advance for all the help, as always I appreciate it.
More information about the samba