[Samba] Samba+ACL+w2k domain
Фролов Иван Александрович
adm at altapress.ru
Thu Feb 7 08:04:50 GMT 2008
I have set up samba as a member of w2k the domain, has made Share with
ACL support. I distribute the rights through Windows "ticks"
sucsessfully. But I can not be remove them - windows says that "You can
not remove the user because this object is inheriting permission from
his parent...". After I remove inheritence on the share user still stays
in the ACL withoue any permissions.
Windows writes, that these rights are as though inherited. I do not
know, that I do not so.
FreeBSD 6.2
Samba Version 3.0.28
heimdal 1.0.1
Samba config:
[global]
workgroup = MYDOMAIN
security = domain
server string = ws01 Samba Server
netbiosname = ws01
local master = no
domain master = no
preferred master = no
dns proxy = no
display charset = koi8-r
unix charset = koi8-r
dos charset = cp866
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
hosts allow = 192.168.0. 192.168.1. 127.
bind interfaces only = Yes
interfaces = 192.168.0.125
log file = /var/log/samba/log.%m
max log size = 50
load printers = no
#============================ Share Definitions
==============================
[store]
comment = qwerty!
path = /store
read list = "@MYDOMAIN\Domain Users"
write list = "@MYDOMAIN\Domain Admins"
admin users = "@MYDOMAIN\Domain Admins", MYDOMAIN at adm
read only = No
create mask = 700
directory mask = 700
inherit owner = yes
inherit acls = yes
inherit permissions = yes
map acl inherit = yes
locking = nophotoarch
More information about the samba
mailing list