[Samba] Posix vs. Windows File/Directory Permissions
1100100 at gmail.com
Fri May 15 08:20:06 MDT 2015
On Fri, May 15, 2015 at 4:37 AM, Klaus Hartnegg <hartnegg at uni-freiburg.de>
> Not sure which email you mean. I don't think that this can happen. If the
> Linux acls are modified, the Windows ACLs are destroyed and all is based on
> the Linux permissions and acls (which looks strange when viewed from
> Window). If the Windows ACLs are modified, Samba automatically adjusts the
> Linux acls accordingly. They should always be in sync.
I think my test demonstrated what you are saying.
I changed a share's permissions from root:root rwxrwxrwx to root:root
And then the windows AD Administrator account was no longer able to access
If I made a linux user account on the server called "Administrator" and did:
setfacl -R -m -u:Administrator:rwx /mnt/data
then the Administrator would be configured using posix acl's for access to
I guess the moral of the story:
if you don't want to setup AD domain users with linux user accounts on the
server, and are serving shares only to windows clients - DON'T touch posix
permissions or acl's. Use Microsoft ADUC and Samba4 will interpret/provide
the acl settings to the linux filesystem.
Is that close to correct?
More information about the samba