[Samba] setfacl: Option -m: Invalid argument near character 3
Rowland Penny
rowlandpenny at googlemail.com
Fri Dec 19 09:11:40 MST 2014
On 19/12/14 15:30, Rich Webb wrote:
> Actually it looks like it is working properly with the exception of a
> couple of items. Domain Users is properly being mapped to the "users"
> unix group so that is probably fine. What I don't have the ability to
> do is use groups such as "Authenticated Users" or "Everyone" or "System"
> in any of the acls. Additionally I cannot edit permissions from my
> windows machine. I am manually having to do it with setfacl which is
> working. This at least gives me a workable solution until I can sort
> out all this other stuff.
>
> Ideally I would like to be able to edit the ACLs from the windows admin
> machine.
>
> If there is any other insight into why these other issues might be
> happening I would appreciate it and I very much thank everyone that has
> helped me. This has saved me from having to completely abandon this
> install for that of something like Zentyal that has all this working.
>
> Rich
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Rich Webb
> Sent: Friday, December 19, 2014 9:07 AM
> To: samba at lists.samba.org
> Subject: Re: [Samba] setfacl: Option -m: Invalid argument near character
> 3
>
> Looks like that worked but the UIDs probably need to be mapped more
> appropriately - how do I take care of that?
>
> getent group "domain users"
> DOMAIN\Domain Users:*:100:
>
> Rich
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Rich Webb
> Sent: Friday, December 19, 2014 9:05 AM
> To: samba at lists.samba.org
> Subject: Re: [Samba] setfacl: Option -m: Invalid argument near character
> 3
>
> find . -name libnss_winbind.so -print
> ./lib64/libnss_winbind.so
>
> It's there so just add winbind to the nsswitch.conf? Restart anything?
>
> Thanks,
> Rich
>
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
> Sent: Friday, December 19, 2014 9:03 AM
> To: samba at lists.samba.org
> Subject: Re: [Samba] setfacl: Option -m: Invalid argument near character
> 3
>
>
> OK, do you have 'libnss_winbind.so' on your system ? it would normal be
> in /usr/lib or similar. If you have, then it probably just needs
> 'winbind' adding to the 'passwd' & 'groups' lines in /etc/nsswitch.conf.
>
> If you cannot find it then it needs to be installed, anybody know which
> Sernet package provides it ??
>
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
OK, you now have winbind working, but you are falling into the trap of
expecting WINDOWS builtin users & groups to be mapped to Unix ones, this
does happen but not as you think, it is done via idmap.ldb. I would
suggest that you go and read this:
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
Specifically, the Introduction part.
Rowland
More information about the samba
mailing list