[Samba] SAMBA4 member and file server

[Craig SHONE]

Hi everyone

 

Needing some advice with regards to setting up a SAMBA 4 file server in a
SAMBA 4 AD domain (I come from Windows so bear with me please).

 

I've followed the wiki guidelines and successfully setup a SAMBA4 domain
controller in ESXI, created some test user accounts and joined my
workstation to the domain, DNS works fine, can log in with no problem,
Windows RSAT tools runs fine in creating the test user accounts, etc.  DC
was provisioned with --use-rfc2307.

 

Now I'm trying to setup a separate SAMBA4 file server, have created the
smb.conf as per the wiki, joined the file server to the domain and granted
Domain Admins SeDiskOperatorPrivilege.

 

Issue I'm facing is in creating shares and setting ACL's on them for Domain
Admins to change the permissions via a Windows machine.   Pretty sure I have
to set uid and gid using the RSAT tools for the various groups and users I
have created as I didn't set Domain Users to 10000 before adding more users
and groups and letting SAMBA increment them automatically.

 

Can anyone confirm if my assumption is correct and point me to the right
procedure to assign what is needed so that I can set the ACL's on my file
server?

 

Thank you

Craig.