[Samba] Home Folder

Carlos A. P. Cunha carlos.hollow at gmail.com
Mon Jul 11 16:41:24 UTC 2016 

Hello!
But when I add the User the way "Home folder" the folder is 
automatically created it already comes with these permissions:


getfacl rs-01 /
# File: rs-01 /
# Owner: administrator
# Group: domain \ 040users
user :: rwx
user: rs-01: rwx
user: administrator: rwx
group :: r-x
group: domain \ 040users: r-x
group: BUILTIN \ 134administrators: rwx
mask :: rwx
other :: ---
default: user :: rwx
default: user: rs-01: rwx
default: user: administrator: rwx
default: x r-group ::
default: group: domain \ 040users: r-x
default: group: BUILTIN \ 134administrators: rwx
default: mask :: rwx
default: other :: ---


and something else as well "ACL entry to" --- "." ??


Thanks!!!


Em 11-07-2016 09:59, mathias dufresne escreveu:
> Hi Carlos,
>
> Your problem is userA can access home directory of userB?
>
> If your issue is only that, then you are right, this issue comes from 
> the fact all AD users are, by default, in "Domain users" and your Home 
> directories grant "Domain Users" "r-x" which means "read and enter" 
> when applied to directory.
>
> Simply remove "Domain Users" from these ACL or change "Domain Users" 
> ACl entry to "---".
>
> Cheers,
>
> mathias
>
> 2016-07-10 0:31 GMT+02:00 Carlos A. P. Cunha <carlos.hollow at gmail.com 
> <mailto:carlos.hollow at gmail.com>>:
>
>     Hello! I am following the how to
>
>     https://wiki.samba.org/index.php/User_home_drives
>
>     But even though there reported a process for User X does not
>     access the home of Y User, this is happening
>
>     root at fileserver:/srv/samba# getfacl home/
>     # file: home/
>     # owner: root
>     # group: root
>     user::rwx
>     user:root:rwx
>     user:administrator:rwx
>     group::r-x
>     group:root:r-x
>     group:5007:r-x
>     group:domain\040admins:rwx
>     group:5024:rwx
>     mask::rwx
>     other::---
>     default:user::rwx
>     default:user:root:rwx
>     default:user:administrator:rwx
>     default:group::r-x
>     default:group:root:r-x
>     default:group:domain\040admins:rwx
>     default:group:5024:rwx
>     default:mask::rwx
>     default:other::---
>
>     ------------------
>
>     root at fileserver:/srv/samba/home# getfacl rs-01/
>     # file: rs-01/
>     # owner: administrator
>     # group: domain\040users
>     user::rwx
>     user:rs-01:rwx
>     user:administrator:rwx
>     group::r-x
>     group:domain\040users:r-x
>     group:BUILTIN\134administrators:rwx
>     group:domain\040admins:rwx
>     group:5024:rwx
>     mask::rwx
>     other::---
>     default:user::rwx
>     default:user:rs-01:rwx
>     default:user:administrator:rwx
>     default:group::r-x
>     default:group:domain\040users:r-x
>     default:group:BUILTIN\134administrators:rwx
>     default:group:domain\040admins:rwx
>     default:group:5024:rwx
>     default:mask::rwx
>     default:other::---
>
>
>     ----------------------
>
>     From what I think is, the problem is with the permissions of the
>     group "Domain user" but that and automatically set, because it is
>     the default group of users.
>
>
>     Any idea ?
>
>     Thank you
>
>
>
>
>
>     -- 
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list