[Samba] csc policy
L.P.H. van Belle
belle at bazuin.nl
Wed Jun 26 07:27:27 UTC 2019
Good morning Christian,
> Hi Louis,
> thanks for the feed back.
Your welkom, doing our best.
> > Hai Christion,
> > So yes, i told you this once before it better to setup the
> windows acl.
> Yes I know...
> > And yes, but these days in win10 everything is more picky
> on correct settings.
> > Set/verify you profile share again, but setup windows
> ACL's. not POSIX acls.
> > See:
> Here the share definition is with out the "csc policy" so this means
> here offline files are enabled. Or do you disable it via GPO?
I have offline still enable, but i can easily disable this with GPO.
I do all my computer/user setting with GPO's.
> > Goto : Setup : Using Windows ACLs
> > And dont look below this line on the wiki: Using POSIX
> ACLs on a Unix domain member
> > Just dont.
> > And be carefull you can/might reset everything on the share.
> > And Verify that permission inheritance is disabled on the
> root of the share
> > If that still gives problems, try adding this setting in
> the profiles share.
> > acl_xattr:ignore system acls = yes
> > And setup the share again, this is a must after you set
> this parameter.
> > Personaly, i still use that parameter on profiles and the
> users share.
> > A bit to avoid windows acl problem and why not set it if
> these shares are only use for windows clients.
> > Note, this is a inheritance of old samba version with bug,
> this solved it all.
> > And im now using it about 3 years without problems on my
> profiles, just saying, i really suggest you test it.
> I appreciate your feed back as you have much more knowledge in that
> area. And I will look at it (when I have time or if this is
> not solvable
> by using offline files).
> However, coming back to "csc policy" do you disable this either on the
> share or by GPO in your environment?
All by GPO, see link above.
More information about the samba