[Samba] "--use-xattrs=yes" after domain provision (samba4)?

John Westerlund john at iniq.se
Sat May 10 03:27:28 MDT 2014

Hi Andrew and tanks for your time,

samba-tool domain provision --domain=DOMAIN --adminpass=secret \
--dns-backend=SAMBA_INTERNAL --server-role=dc --realm=ad.domain.como
After provision i followed this guide to get "--use-rfc2307"


And then i raised the domain/function level to 2008_r2 manual.

Here is my smb.conf 

# Global parameters
	workgroup = DOMAIN
	realm = ad.domain.com
	netbios name = DC01
	interfaces =
	dns forwarder =
	allow dns updates = nonsecure and secure
	server role = active directory domain controller
	idmap_ldb:use rfc2307 = yes
#	debug level = 5
	path = /var/lib/samba/sysvol/ad.domain.com/scripts
	read only = No

	path = /var/lib/samba/sysvol
	read only = No

----- Ursprungligt meddelande -----
Från: "Andrew Bartlett" <abartlet at samba.org>
Till: "John Westerlund" <john at iniq.se>
Kopia: samba at lists.samba.org
Skickat: lördag, 10 maj 2014 9:40:26
Ämne: Re: [Samba] "--use-xattrs=yes" after domain provision (samba4)?

On Sat, 2014-05-10 at 00:05 +0200, John Westerlund wrote:
> Hi all! Anyone know how to tell samba4 to use "--use-xattrs=yes" after domain provision, i have a lot of users so i cannot recreate the domain from scratch ;(

What is in your smb.conf?
does it have an entry for xattr_tdb:file or posix:eadb?
What provision command line did you run?

On a correctly configured system, we use xattrs and posix ACLs by
default, so first check you really are using something else before you
start worrying.

Then, if you really are using emulated xattrs, just remove
xattr_tdb:file or posix:eadb and run 'samba-tool ntacl sysvolreset'.

I hope this helps,

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list