[Samba] Computer Management - Share Security - No Read Access
rpenny at samba.org
Fri Feb 22 16:10:33 UTC 2019
On Fri, 22 Feb 2019 10:45:38 -0500
Marco Shmerykowsky via samba <samba at lists.samba.org> wrote:
> -------- Original Message --------
> Subject: Re: [Samba] Computer Management - Share Security - No Read
> Date: 2019-02-22 10:30 am
> From: Marco Shmerykowsky <marco at sce-engineers.com>
> To: "L.P.H. van Belle" <belle at bazuin.nl>
> > Ok, debian?
> > https://github.com/thctlo/samba4/blob/master/howtos/stretch-base-3.1-samba-member-debian-install.txt
> > https://github.com/thctlo/samba4/blob/master/howtos/stretch-base-3.2-samba-member-fileserver.txt
> > Have a look at it, it might give you some ideas, this is how i
> > install my servers.
> > I needs a bit of updating, but in general its still ok.
> > Just keep an eye on the smb.conf and its contents that might need a
> > bit updateing.
> > And use : apt-get install samba winbind acl attr libnss-winbind
> > libpam-winbind \
> > ntp krb5-user bind9utils ldb-tools smbclient -y
> Two things that I notice which differ from the information on
> see on the wiki to date:
> 1) Your install routine mentions 'acl'
> Yes the wiki mentions make sure its installed and I thought
> I had checked this, but shouldn't it be listed on the wiki?
This is a 'belt and braces approach'. it is normally installed by
default on Debian based distros.
> 2) The wiki old mentioned SeDiskOperatorPivilege
> The member-fileserver document seems to set a number
> of items. Is this belt and suspenders or do all this
> things need to be set explicitly?
Certain things need to be in place before you can set the permissions
from Windows, the wiki page shows these steps. The only step I didn't
state in the document I sent you is (and I Apologise for this), you
must log into Windows as either 'DOMAIN\Administrator' or as
'DOMAIN\username' where 'username' is a user that is a member of
More information about the samba