[Samba] Shares with Windows ACLs on standalone server?

Marc Muehlfeld mmuehlfeld at samba.org
Tue Sep 22 07:00:12 UTC 2015

Hello Mathias,

Am 21.09.2015 um 18:22 schrieb mathias dufresne:
> NT4 domains are old Microsoft domain.
> AD domains are new version of Microsoft domain, they came up with Windows
> 2000 Server.
> Samba 3 is able to host NT4 domain.
> Samba 4 is able to host both NT4 and AD domains. Not at same time of course
> : )


> AD domains in Samba4 do *not* support LDAP backend.

Not directly. Samba AD uses it own built-in LDAP server.

> Finally the ACLs part.
> Here I use Samba4 acting as AD domain, file systems are XFS and shares
> automagically support Windows ACLs.
> Perhaps if you don't need LDAP as backend you can design a file server
> using Samba4 which support Windows ACLs without doing anything more than
> installing Samba + declaring a new share + declaring a new user...

If you're having and AD, and not and standalone server like the subject
of the mail says, then you don't need LDAP (remember Samba AD has one
built-in). In this case you're looking for a Member Server:
Users can be administered central via RFC2307

However, if you're not having any domain, you're looking for a
standalone server (install Samba, setup share in smb.conf, create user).
We don't have this in the Wiki yet, but there are thousands of pages out
there showing examples.


More information about the samba mailing list