[Samba] using the DC as a file Server in AD
Klaus Hartnegg
hartnegg at uni-freiburg.de
Thu Jun 11 03:01:30 MDT 2015
Am 10.06.2015 um 03:25 schrieb Mike:
> I'm learning to be very deliberate with changing posix and windows acl's so
> I don't disturb users' access to files and folders.
> I check acl's on a specific file/folder on the server with getfacl.
> Then make one small acl modification to one file in a sub-directory of a
> share.
> Then record the difference reported by getfacl again.
> Then will access the same file from Windows RSAT console as the Domain
> Admin and note the permissions indicated on the Security tab.
If you use acl_xattr (default in AD mode) and change permissions in
Linux, this will reset all permissions that were previously set from
Windows. Use either setfacl or the security tab, but do not mix them.
More information about the samba
mailing list