[Samba] vfs_recycle disables permissions inheritance on AD DC shares
Sebastian Arcus
s.arcus at open-t.co.uk
Mon Dec 2 17:06:25 UTC 2019
On 02/12/19 16:53, Rowland penny via samba wrote:
> On 02/12/2019 16:24, Sebastian Arcus via samba wrote:
>>
>> I'm not sure what do you mean by 'sites'. They are a number of
>> different physical sites, but they are independent small lan's, with
>> no connection to each other, if that is the question? I have seen the
>> advice in the wiki against using the DC as a file sharing server, but
>> I am not clear as to why exactly that is a bad idea - and the wiki
>> doesn't go into much detail. The servers certainly have performed very
>> well for the past 3 years or so. These are small networks, with around
>> 10 clients each.
>>
> For 'sites', see here:
> https://wiki.samba.org/index.php/Active_Directory_Sites
Oh - I see what you mean now. Sorry - my fault - I shouldn't have used
the word "site" - it just confused the conversation. These are different
organisations, which have no connection to each other, and all networks
are completely independent from each other. There is suppose to be no
link or connection between them in any way (except that I happen to look
after them all :-) ).
>
> Basically, it is how you seem to be running AD, it just enforces it a
> bit more ;-)
>
> Without 'sites' your clients could use the local DC, but they could also
> any DC in your domain. With 'sites', they will use the local DC unless
> it has failed.
>
> For more info, see here:
>
> https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/understanding-active-directory-site-topology
</snip>
More information about the samba
mailing list