[Samba] solaris 10 -zfs - smb.conf
Gaiseric Vandal
gaiseric.vandal at gmail.com
Mon Sep 27 07:34:34 MDT 2010
I am making some guesses...
Read the man page on idmap_rid. That might make the idmap stuff a
little simpler (it doesn't apply to my environment so I am not 100% sure.)
Does "wbinfo -u" and "wbinfo -g" list the AD domain users and groups?
Does "getent passwd" and "getent group" list those users? Do you have
/etc/nsswitch.conf configured to handle users and groups from
winbind? The Solaris OS has so have some way of dealing with
"Windows" users.
Is your idmap backend TDB or ldap? Do you see idmap entries in the
IDMAP DB?
On 09/27/2010 07:29 AM, RegioGis wrote:
> I'm desperately looking for an example of a working smb.conf file for solaris
> 10 using zfs ?
> I've been trying so many possible combinations of the available options, but
> I can not get it working properly.
> I want to mimic simple NT acls, including inheritance, and the possibility
> to add AD groups.
> I often get stuck on deny aces being generated as the first aces in the acl.
> Environment : solaris 10 with zfs, AD integration via kerberos enabled,
> samba 3.0.35
>
> smb.conf ( one of the many try-outs ... )
> ---------
>
> [global]
> workgroup = X
> realm = X.Y.Z
> netbios name = GISSMBD
> server string = GIS DEV Samba Server
> security = ADS
> auth methods = winbind
> server signing = auto
> preferred master = No
> local master = No
> dns proxy = No
> ldap timeout = 86400
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind use default domain = yes
> ...
>
> [share1]
> path = /path/to/share1
> force group = gis
> read only = no
> create mask = 0660
> directory mask = 0770
> force unknown acl user = yes
> acl check permissions = no
> ea support = yes
> store dos attributes = yes
> map readonly = no
> map archive = no
> map system = no
> vfs objects = zfsacl
> nfs4: mode = special
> nfs4: acedup = merge
>
> Thanks in advance
>
More information about the samba
mailing list