[Samba] How to set ACLs with Samba4 AD?

Lukas Gradl samba.org at ssn.at
Mon Jan 21 01:58:44 MST 2013

Zitat von Lee Allen <lee at leecallen.com>:

> I apologize if this is very beginner/basic.  In my defense, I can't get the
> Samba4 documentation to compile on my system, and I can't find the man
> pages online (a pointer to them would be extremely helpful).
> And in general, I am having difficulty sorting through the documentation on
> the wiki because much of it is clearly pre-Samba4 and therefore obsolete,
> or at least questionable.  It's hard to know what is relevant.
> Most of the posts I see here seem to be much better informed than I am.  I
> would love to know how they obtained their knowledge.
> So here is my question:
> I am running Samba4 as an AD and file server.  How do I define ACLs for the
> samba shares, for domain users & groups?
> These users and groups are not defined on the underlying OS (CentOS 6.3).
> It seems the answer is to do it via the underlying filesystem, but how is
> that possible when the domain users & groups are not defined in the OS?
> I see samba-tool has some ACL get/set capability.  Is that the answer?
> Or is there some special magic to get CentOS to control file access by
> referring to the Samba4 AD?
> Many thanks in advance for any help.
> And I would be very grateful for pointers to Samba4 introductory or
> background material (I have used the HOW-TOs extensively).

I second that - it took me some time to learn that after setting acls  
by "write user" for years I can now use the Windows tools.
So perhaps someone could add a few lines about setting acls in the howto?


More information about the samba mailing list