[Samba] samba 3.5.5 and ACL mod
Sebastian.Perkins at swisscom.com
Sebastian.Perkins at swisscom.com
Wed Sep 29 02:31:07 MDT 2010
>>On Tue, Sep 28, 2010 at 12:14 PM, <Sebastian.Perkins at swisscom.com> wrote:
>>>Hello,
>>>
>>> We are in the middle of testing debian squeeze 64 bits with samba 3.5.5 >>and are running into some questions:
>>>
>>> 1) Is this solution OK with windows 7 "out of the box" (ie no >>hacking/modifications to do on the pc) ? I have tested it seems so but I >>would like a confirmation.
>>
>>You still need the registry change from here:
>>http://wiki.samba.org/index.php/Windows7
We are using security=user to challenge local passwords and not a domain (maybe later...).
>> >
>> > 2) Despite massive googling, I have not found a correct smb.conf >> >> >> configuration to change ACL statuses on shares (or even subfolders/files) >> via a windows based mmc (xp or vista). Yes, the IT people are not into >> >> SWAT or Webmin. It is stated possible. Are there any pointers or special >> issues I have missed with this version?
>> >
>> You need idmap to work for acls to even begin to work as you expect.
>> You also need either acls enabled in the host filesystem and / or use
>> the acl_xattr module.
Testbed is using xfs so what I understand it that acls are already embedded. Later we will use nfs shares, at this time in v3 which must be updated to v4 for acls.
Do I still need idmap in this situation ? the doc seems quite domain oriented with this sort of config.
My goal is to permit acl based on the local unix users (just created by useradd and smbpasswd -a).
Sebastian
John
More information about the samba
mailing list