[Samba] Samba4 binding LDAP Server

steve steve at steve-ss.com
Mon Jun 2 05:57:33 MDT 2014


On Sun, 2014-06-01 at 22:28 -0300, Danilo Mussolini wrote:
> Yes, maybe I'm wrong naming that.
> As Rowland said it is a standalone server which authenticates users
> from LDAP.
> 
> 
> I have just noticed something in my tests with this file server. As
> mentioned before, I have the following share:
> 
> 
> [Test]
> comment = test
> path = /u01
> read only = no
>
> And /u01 folder has the following permissions:
> 
> 
> drwxrwsr-x    5   root    o2pos  4096 Jun  1 13:16     u01
> 
What does:
getfacl /u01
look like?

>
> I'm authenticating with the user mussolini (which is my name :)) from
> the LDAP database:
> [root@Nemesis ~]# id mussolini
> uid=3001(mussolini) gid=3001(mussolini) groups=3001(mussolini),3003(admins),3014(o2pos)
>
> The authentication is done and the share Test is mounted successfully,
> but even though my user is a member of the "o2pos" group, I can't write in
> this folder. So, if I change the group owner of the u01 folder to
> "admins" (which also has my user as a member) I can write files and
> folders normally in the Test share. Curious, isn't it?
> 
> 
> Just as a reminder, this only happens in Samba4.
> 

try:
setfacl -R -m g:o2pos:rw /u01

HTH
Steve
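
For reading the getfacl output asked for above: the following added example (not from the thread or from Samba) applies the access-check order from acl(5) to getfacl text, showing how a mask entry can remove write access from a group that appears to have rwx. The ACL text is constructed, and the helper names parse_getfacl and allowed are hypothetical.

```python
# Added example: POSIX ACL access check (acl(5) order) over getfacl text.

def parse_getfacl(text):
    """Return (owner, owning_group, entries); entries are (tag, qualifier, perms)."""
    owner = group = None
    entries = []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("# owner:"):
            owner = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            group = line.split(":", 1)[1].strip()
        elif line and not line.startswith(("#", "default:")):
            # Drop the trailing "#effective:..." note getfacl may append.
            tag, qual, perms = line.split("#", 1)[0].strip().split(":")
            entries.append((tag, qual, set(perms) - {"-"}))
    return owner, group, entries

def allowed(text, user, groups, want):
    """True if `user` (member of `groups`) gets every permission in `want`."""
    owner, owning_group, entries = parse_getfacl(text)
    want = set(want)
    def find(tag, qual=""):
        return [p for t, q, p in entries if t == tag and q == qual]
    mask = (find("mask") or [set("rwx")])[0]   # no mask entry: nothing is filtered
    if user == owner:                           # owner entry is never masked
        return want <= find("user")[0]
    if find("user", user):                      # named user entry, limited by mask
        return want <= (find("user", user)[0] & mask)
    # Group class: owning group plus each named group the user belongs to.
    matches = find("group") if owning_group in groups else []
    for g in groups:
        matches += find("group", g)
    if matches:                                 # one matching entry is enough
        return any(want <= (p & mask) for p in matches)
    return want <= find("other")[0]

# Constructed getfacl output (not from the thread): the mask strips group write.
MASKED = """\
# file: u01
# owner: root
# group: o2pos
# flags: -s-
user::rwx
group::rwx\t\t\t#effective:r-x
group:admins:rwx\t\t#effective:r-x
mask::r-x
other::r-x
"""
WIDENED = MASKED.replace("mask::r-x", "mask::rwx")  # same ACL with a wider mask
GROUPS = ["mussolini", "admins", "o2pos"]           # from the `id` output above
```

With the constructed MASKED text, allowed(MASKED, "mussolini", GROUPS, "w") is False even though group::rwx is listed; with WIDENED it is True.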



