[Samba] Domain Member Server (wheezy) - Unable to edit permissions of share without usermapping - shall I add to Wiki?
Rowland Penny
rowlandpenny at googlemail.com
Wed Mar 4 13:13:04 MST 2015
On 04/03/15 19:25, Davor Vusir wrote:
> If I remember correctly it doesn't matter what combinations you
> 'chmod' to. It changes to 755 as soon as you change ACLs from Windows.
> I suggest you add uid- and gidnumber to all users and groups and chown
> to a user:group (or perhaps group:group if possible). For example
> chown FileShareAdmin:FileShareAdminGroup and let the user account
> which operates the file share be a member of group
> FileShareAdminGroup. With this approach you get some degree of
> security if you also allow users to logon to the server with ssh for
> example. And of course home directories.
>
> Choice 3 and uid-/gidNumber assigned.
>
> Regards
> Davor
>
You must be mis-remembering because I just tried it and the Unix acls do
not change, mind you I never thought they would. The windows ACLs now
show with getfacl, so this may be what you are getting mixed up with.
As for giving all users and groups an ID number, just how far do you
suggest an admin goes? do you suggest that all the 'well known sids' be
given an ID ?
Rowland
More information about the samba
mailing list