[Samba] DC replications of FreeBSD samba-4.10.15
James B. Byrne
byrnejb at harte-lyne.ca
Mon Jul 13 17:46:27 UTC 2020
On Mon, July 13, 2020 12:07, Andrea Venturoli wrote:
> On 2020-07-13 17:10, James B. Byrne wrote:
>
>> [root at smb4-2 ~ (master)]# grep acl /usr/local/etc/smb4.conf
>> vfs objects = dfs_samba4 zfsacl
>>
>> [root at smb4-2 ~ (master)]# service samba_server onestart
>> Performing sanity check on Samba configuration: OK
>> Starting samba.
>>
>> [root at smb4-2 ~ (master)]# getfacl /var/db/samba4/sysvol
>> # file: /var/db/samba4/sysvol
>> # owner: root
>> # group: 3000000
>> owner@:rwxp----------:-------:deny
>> owner@:------aARWcCos:-------:allow
>> group@:rwxp--a-R-c--s:-------:allow
>> everyone@:------a-R-c--s:-------:allow
>
> It won't make any difference, if you enable it now, on the ACLs already
> on disk.
>
> You should try enabling it first and then running "samba-tool ntacl
> sysvolreset" again.
>
> HTH.
> I have no other ideas.
>
> bye
> av.
>
That worked perfectly. Thank you very, very much.
[root at smb4-2 ~ (master)]# samba-tool ntacl sysvolreset
[root at smb4-2 ~ (master)]# getfacl /var/db/samba4/sysvol
# file: /var/db/samba4/sysvol
# owner: root
# group: 3000000
group:3000000:rwxpDdaARWcCo-:fd-----:allow
group:3000001:r-x---a-R-c---:fd-----:allow
group:3000002:rwxpDdaARWcCo-:fd-----:allow
group:3000003:r-x---a-R-c---:fd-----:allow
[root at smb4-1 ~ (master)]# getfacl /var/db/samba4/sysvol
# file: /var/db/samba4/sysvol
# owner: root
# group: 3000000
group:3000000:rwxpDdaARWcCo-:fd-----:allow
group:3000001:r-x---a-R-c---:fd-----:allow
group:3000002:rwxpDdaARWcCo-:fd-----:allow
group:3000003:r-x---a-R-c---:fd-----:allow
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Unencrypted messages have no legal claim to privacy
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the samba
mailing list