[Samba] restricting the windows users security tab with samba acl
Jaan Talvet
jtalvet at njsba.org
Mon Aug 20 15:35:14 GMT 2007
Hello,
We're porting all our windows file servers over to linux. I just joined
our samba server to Active Directory and it works great with ACL - I can
add/remove Sales, Marketing, IT groups etc.., unfortunately, so can
everyone else.
Q) How can I restrict our regular windows XP users from manipulating the
"Properties -> Security" tab in file explorer? I'd need to restrict
that to only the "Domain Admins" group like in Windows. Right now,
anyone can add/remove groups - that's bad.
setting "nt acl support = no" removes ACL control completely, not just
for regular users, but admins too.
any ideas?
Thanks,
Jaan
More information about the samba
mailing list