[Samba] rights -- structures
Maurizio Caloro
maurizio at caloro.ch
Mon Dec 14 08:00:15 UTC 2020
Hallo
Have a Samba AD DC running 4.13.2 and a fileserver running 4.9.5 that is joined to your Samba AD domain.
Yes and now if I need to add permission on folder
chown Name:smbadmin /home/Userhome
chown invalid user: Name:smbadmin
this machine are join to AD, and the Computer Object are visible, please i need here little update.
Fileserver smb.conf
/shares/Userhome# cat /etc/samba/smb.conf
[global]
realm = CARAG.LOCAL
security = ADS
workgroup = CARAG.LOCAL
server role = member server
vfs objects = acl_xattr
map acl inherit = yes
[USERHOME]
path = /shares/Userhome/
read only = no
so the rights are need to pick up from my AD.
Thanks and best regards
Mauri
-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland penny via samba
Gesendet: Freitag, 11. Dezember 2020 18:51
An: samba at lists.samba.org
Betreff: Re: [Samba] rights -- structures
On 11/12/2020 17:10, Maurizio Caloro via samba wrote:
> Hello
>
> I have now AD 4.13.2 and FileServer with samba 4.9.5 this are joint to
> Domain.
I take it that means you have a Samba AD DC running 4.13.2 and a fileserver running 4.9.5 that is joined to your Samba AD domain.
> I need to create now new a file Share permission structure.
The structure is entirely up to you
> If setting the Domain User and the smbadmin this are a possible
> structure that I can assign different rights folders ?
>
> Domain Users:smbadmin /
Slight problem, it looks like you want to set the owner to 'Domain Users' and the group to 'smbadmin', I take it you really meant 'smbadmin:Domain Users', as a group cannot own things on Unix.
> Domain Users:smbadmin /FolderName-DATA
> Domain Users:smbadmin /FolderName-PICTURES
> Domain Users:smbadmin /FolderName-PICTURES
As I said, the actual structure is up to you, but I wouldn't set it up under one share, I would use a share for each directory
Try reading this:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
It may help if you can post the smb.conf files you are using.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list