[Samba] Samba, ACLs and 'primary group'...
rpenny at samba.org
Wed Feb 5 14:45:29 UTC 2020
On 05/02/2020 14:31, Marco Gaiarin via samba wrote:
> Mandi! Rowland penny via samba
> In chel di` si favelave...
>> Do you have ANY Windows clients ?
> Sure! Most of my clients are windows.
>> If the answer is yes, then you need to follow the 'Setting up a share using
>> windows ACLs' page and make your Linux clients work with this.
>> If the answer is no, then you can follow the POSIX ACLs page.
>> Do not try to mix the two.
> Rowland, i'm simply trying to understand, or better, trying to match my
> experience with Samba in NT mode with AD mode.
An nt4-style domain is nothing like an AD domain, yes there are
similarities, but they work very differently.
> In these years seems i've sticked with 'POSIX ACLs', building around
> policy and scrpts to manage ACLs, so probably it is better to keep at
> it (for me, of course).
> And my Windows client works happily!
If you only had Unix clients, then you could stick with this way of
doing things, but you have Windows clients, so you need to work the
Windows way and make your Unix clients work the same way.
> Also, for the tests i've done, 'windows ACL' works as depicted on the
> wiki page if and only if you set also:
> acl_xattr:ignore system acls = yes
> acl_xattr:default acl style = windows
It works for me without those lines.
More information about the samba