[Samba] Samba locking with NFS backend.

Adam Tauno Williams adamtaunowilliams at gmail.com
Thu Jan 10 02:28:54 GMT 2008

> >> The main reason we don't use the Cifs capabilities of the Isilon cluster 
> >> is that it doesn't support how we use Samba / Ldap.
> >> We have 1 LDAP tree, with all little OU's and each OU is the container 
> >> for 1 domain.
> >> We use a filter to make sure that a user that connect to the samba he 
> >> has access to, only sees his part of the LDAP tree.
> >> This filter functionality is something that is not available in the 
> >> stock samba, it was before, and we patch it back into every samba we use 
> >> in production.
> >> We can't patch it into the Cifs server on the Isilon cluster.
> > You should be able to - it's just Samba and so you have
> > the source code.
> > Is the filter patch more generally useful ? Do you think
> > it's worth submitting to the list or as a feature request ?
> The filter patch is very usefull and a while back it was in the code. 
> But as I understood from my colleges is was removed because noone seemed 
> to understand what you could do with it and therefor noone needed it. We 
> need it very much and that's why we have reverse engineered the patch 
> that removed this functionality and patch it back in every time we go to 
> a new version of Samba.

If ACLs aren't sufficient you certainly can accomplish it via back-meta
and rewrite rules, all on the DSA, and keeping a simpler Samba

Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

More information about the samba mailing list