[Samba] Using Windows ACL on a samba3 share
?icro MEGAS
micromegas at mail333.com
Wed May 8 03:19:31 MDT 2013
Hello folks,
I have some directories within a samba 3.x share which I want to give granulated security settings for various users and groups. I could use of course "setfacl" and POSIX ACLs to accomplish that, but some of these ACL should be also able to be set by some users. These users of course has no access to my linux host where samba3 is running, so they only can do that by right-clicking the directory/file and set the permissions through Windows explorer. Unfortunately this doesn't work in our case. My filesystem where the samba3 shares reside on is mounted with acl and xattr and I have double-checked that. Posix ACLs work fine. But as soon as the owner of a directory or file tries to add some other users with access on it, the change is not applied after clicking on the button "Apply". It looks like the windows client cannot set these security settings. My share looks like that:
[share1]
path = /disk01/share1
admin users = "@Domain Admins"
read only = No
create mask = 0775
directory mask = 0775
nt acl support = yes
vfs objects = acl_xattr
invalid users = @restricted
the command "mount" shows:
[...]
/dev/xvdb1 on /disk01 type ext4 (rw,acl,user_xattr)
[...]
What am I doing wrong, why this doesn't work? Any help appreciated.
Thanks in advance,
Lucas.
More information about the samba
mailing list