[Samba] Samba locking with NFS backend.
Adam Tauno Williams
adamtaunowilliams at gmail.com
Thu Jan 10 02:28:54 GMT 2008
> >> The main reason we don't use the Cifs capabilities of the Isilon cluster
> >> is that it doesn't support how we use Samba / Ldap.
> >> We have 1 LDAP tree, with all little OU's and each OU is the container
> >> for 1 domain.
> >> We use a filter to make sure that a user that connect to the samba he
> >> has access to, only sees his part of the LDAP tree.
> >> This filter functionality is something that is not available in the
> >> stock samba, it was before, and we patch it back into every samba we use
> >> in production.
> >> We can't patch it into the Cifs server on the Isilon cluster.
> > You should be able to - it's just Samba and so you have
> > the source code.
> > Is the filter patch more generally useful ? Do you think
> > it's worth submitting to the list or as a feature request ?
> The filter patch is very usefull and a while back it was in the code.
> But as I understood from my colleges is was removed because noone seemed
> to understand what you could do with it and therefor noone needed it. We
> need it very much and that's why we have reverse engineered the patch
> that removed this functionality and patch it back in every time we go to
> a new version of Samba.
If ACLs aren't sufficient you certainly can accomplish it via back-meta
and rewrite rules, all on the DSA, and keeping a simpler Samba
configuration.
--
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org
More information about the samba
mailing list