[Samba] acl's, Samba4 and rw shares

steve steve at steve-ss.com
Fri Feb 17 11:26:45 MST 2012

Hi Aaron, hi everyone

We gave it a go. And yes, we had a little chuckle wrt your references as 
to the output of samba-tool ntacl.
We still have not sorted it 100% but at least it's workable. One of the 
conclusions we came to was that we don't think Samba4 is taking the acl 
from the disk. Here are our findings which of course, include the output 
from ntacl (worth a click just to see that!):

If anyone can help pleeeez post.
Thanks for your patience,

On 16/02/12 19:39, Aaron E. wrote:
> Setting the Permissions in windows is easy, browse to your server like 
> so..start> run  \\server
> right click share >  properties,> security tab -- if your unfamiliar 
> with windows permissions I would read up on those..
> being doable in linux,, hmm I'm sure it is but as I said I would 
> create a share change windows permissions and look at them through 
> linux, do that and you'll get the idea of what I'm talking about...
> Someone can correct me here if I step out of bounds but I don't think 
> the samba team has gotten this far yet to make the samba-tool ntacl 
> tree practical to use..
> as far as how the perms are shared is relative to file-system support, 
> that's what the user_xattr support on the mount point is for.. so it 
> adds the support for the Linux mount to store the NTACLS ,
>>> Hi
>> Thanks for taking the time to explain this. Just thinking out loud, but
>> since windows will be storing stuff on an ext4 filesystem, whatever the
>> ntacl does must be doable in Linux too no? Or am I missing the point
>> here? Anyway, the next stage is to find where to set the ntacl from the
>> windows side. Is it a case of searching or is it buried deep inside the
>> registry somewhere?
>> BTW, we have setup the S4 users with posix attrs and files are stored
>> correctly on both Linux and windows. We map via nss-pam-ldapd on Linux.
>> Not set any ntacls there, so far that is since we've only just started
>> to experiment with rw shares..
>> Cheers,
>> Steve

More information about the samba mailing list