[Samba] File-Server update from Samba 3.6 to Samba 4.1

Marc Muehlfeld mmuehlfeld at samba.org
Tue Feb 3 07:15:47 MST 2015

Hello Andreas,

Am 03.02.2015 um 13:29 schrieb Andreas Hauffe:
> The first question is, what to do with the existing TB of data (user homes, global exports, 
> a.s.o.) only with POXIS ACLs (owner,group,others). Do I have to set the more complex 
> Windows ACLs for every folder or file to get at least the same access rights as before?

It's not recommended to use the DC as a file server. Put your data on a
member server. If you currently have all data on your PDC, you could
configure this machine as a member server after you did the
classicupgrade (on a different host). The AD DC, doesn't have to be a
very powerful machine, if you don't have thousands of users flooding you
with authentication. :-)

You can use Posix ACLs, like ever in the past.

Where do you have your IDs stored atm? In openLDAP? Then it's easy. If
you do the classicupgrade, the process moves the IDs to AD. You can
configure your member servers to use RFC2307 idmap backend. Then all
files are owned by the same users/groups.

> The second question is, if it is possible to export the same file system/folders as an 
> NFS4 export and a Samba4 share or if there are problems concering the ACLs?

Sorry. Never tried this. But surely someone else can answer that. :-)


More information about the samba mailing list