[Samba] File share permissions act different on member server than on DC
Marc Muehlfeld
samba at marc-muehlfeld.de
Tue Oct 15 11:46:11 MDT 2013
Hello Keith,
Am 15.10.2013 03:29, schrieb Keith McCormick:
> To enable my member server's ACLs to work just like the DC, as far as
> Windows is concerned, I needed to add the following parameters to the
> global section of smb.conf file on the member server:
>
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = Yes
>
> These parameters are apparently added in the background by default for
> the smbd processes that are spawned by samba. Until I added those items,
> just like you I could never get the ACLs to stick and work correctly.
> Many of them were incorrectly labeled, also, even though the number was
> correct and the same as on the DC.
I tried your suggestion and it works like on the DC (without the VFS
module).
But I'm not sure, if this is like Samba should act. I would expect that
filesystem ACLs are handled in the same way on a DC and on member servers.
Regards,
Marc
More information about the samba
mailing list