[Samba] problem with sessions

Rowland Penny rpenny at samba.org
Fri Mar 3 09:13:11 UTC 2017

On Fri, 3 Mar 2017 08:33:24 +0100
Tony Peña <emperor.cu at gmail.com> wrote:

> about the reverse zone, onf bind files,
> my network is setup to and the PTR file for that
> network exist with all pc clients wrote inside correctly.
> That 0 reverse zone is because to this network we
> need connect it and must be joined into domain 1 PC outside of this
> location, and that pc use that's why i got on the
> reverse file zone "0.168.192.in-addr.arpa"
> what can i do then?

You have seen my reverse zone, just add the reverse zone to AD.

> when you said: "You are trying to use the OS permissions on a Samba
> AD DC, this NOT
> supported."
> ok i can understand that is not supported but browsing into shares.
> using the account test. i can access into that file because using acl
> into filesystem allowed

This is what the wiki page says:

Using the Domain Controller as a File Server

The Samba Active Directory (AD) domain controller (DC) is able to provide file shares, just like all other installation modes. However, the Samba team does not recommend using a DC as a file server because the DC smbd process has some limitations compared with the service in non-DC setups. For example, the auto-enabled acl_xattr virtual file system (VFS) object enables you to only configure shares with Windows access control lists (ACL). Running shares with POSIX ACLs on a Samba DC is not supported.

For 'not supported' read, 'this may look like it works, but it will
ultimately come back and bite you!'

I suggest you set the ACLs from a Windows machine, this will actually
give you better control.


More information about the samba mailing list