[Samba] setfacl(1) - Can FreeBSD's ACLs contain groups from NT/AD domains ?

Wilkinson, Alex alex.wilkinson at dsto.defence.gov.au
Mon Aug 6 09:27:50 GMT 2007


Hi all,

I have "FreeBSD 7.0-CURRENT #1: Wed Jul 25" authenticating successfully against
active directory via samba's winbindd(8). I need to manage samba shares via
FreeBSD ACLs and CIFS ACLs. From my reading of setfacl(1) I should be able to
set group permissions using the syntax of DOMAIN\group-name. For example:

   #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test

However, when I do this on FreeBSD -CURRENT I get the following error:

   #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test
    setfacl: g:MYDOMAIN\mygroupname: Invalid argument

>From a quick Google it looks like Linux ACLs can do the aforementioned
[http://www.techtutorials.net/blogs/index.php?mode=viewuser&user_id=7].

Is anyone successfully managing there Samba shares via NT/AD groups using
FreeBSD ACLs ?

 -aW

IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914.  If you have received this email in error, you are requested to contact the sender and delete the email.




More information about the samba mailing list