[Samba] ACL - only for domain groups

Misza tenroh at o2.pl
Fri Sep 28 21:22:31 GMT 2007


Amazing thing I see, when I look into a permission tab on XP machine. No
matter of which user I use to create new file, I always receive
permission for: Domain Admins, Domain Users, All/Others. There is no
entry for that user. I can add him manually, but I' ve thought that
proper behaviour should give me as a result: User, His group,
All/Others. Moreover I am not able to change permission for any of this
groups, except All/Others...

I use Samba(3.0.26a) on ext2 with acl support. I' ve already map Linux
groups to equivalent NT groups (with type=d and proper RID=512,513).
Belove I put IMHO the most important lines from smb.conf:


create mask = 0600
directory mask = 0700
security mask = 0777
directory security mask = 0777
force security mode = 0000
force directory security mode = 0000

nt acl support = yes
profile acls = yes
acl compatibility = win2k
acl map full control = True

path = /mnt/nas
browseable = yes

More information about the samba mailing list