[Samba] Domain member ACL does not show correct domain name
Evan Rempel
erempel at uvic.ca
Thu Nov 4 23:02:32 GMT 2004
I have a Samba 3.0.7 server running as a domain member, with ACL support
enabled. When using a windows client to look at the security of a file,
all of the permissions show the the samba server as the domain, not the
actual domain name.
Example:
My Samba server is called CASE.
My domain is called CASEDOM
When I look at the permissions of a file, they show
CASE\erempel full
CASE\erempel read+execute
everyone none
if I try to add another permission for the user
CASEDOM\bill
as soon as I click on the apply button, the permission dissapears.
I can only add permissions for CASE\bill
This is not the way I think it should work, and it is not the way it works
on a windows server.
Any suggestions as to what I am missing?
Just for completeness, I am running on both Redhat Advance Server 3
and on AIX 5.2 and both have the same symptoms. Here is the smb.conf file.
----------------
# Samba config file created using SWAT
# from 142.104.16.109 (142.104.16.109)
# Date: 2004/11/04 14:33:57
# Global parameters
[global]
workgroup = CASEDOM
server string = testing
security = DOMAIN
update encrypted = Yes
password server = ntsrvr1 ntsrvr2
guest account = guest
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
syslog = 2
log file = /usr/local/samba/var/log.%m
debug pid = Yes
debug uid = Yes
deadtime = 600
max smbd processes = 500
socket options = TCP_NODELAY SO_KEEPALIVE
load printers = No
os level = 1
ldap ssl = no
invalid users = root, bin, sys
create mask = 0700
directory mask = 0700
force unknown acl user = Yes
map acl inherit = Yes
veto files = /.cshrc/.login/.logout/.profile/.mailboxlist/
map archive = No
mangled names = No
wide links = No
[home]
comment = Home Accounts
path = /home
read only = No
--
Evan Rempel erempel at uvic.ca
Senior Programmer Analyst 250.721.7691
Computing Services
University of Victoria
More information about the samba
mailing list