[Samba] ACLs on OUs
Matthieu Patou
mat at samba.org
Mon Jun 1 13:52:30 MDT 2015
On 05/28/2015 04:55 AM, mathias dufresne wrote:
> Hi all,
>
> When created through RSAT OUs receive, by default, ACLs to refuse removal.
Actually I don't think it's true.
By default RSAT tools propose to mark as "prevent object from accidental
removal".
> When created through LDIF and ldbadd OUs do not receive these ACLs.
>
> Is there a way to create these ACLs using command line tools?
You need to alter the security descriptor do deny the SD and DT rights
to everyone on the OU, I don't recommend you to do so.
Would be better to have a tool in samba-tool to mark an object as
"prevent from accidental removal", you agree please file an enhancement
request in our bugzilla.
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba
mailing list