[Samba] Any drawback in changing primary group of domain users ?
Rowland penny
rpenny at samba.org
Fri Feb 26 10:28:14 UTC 2021
On 26/02/2021 09:41, Roy Eastwood via samba wrote:
> @Rowland I think the OP's problems stem from the fact that both POSIX ACLs and Windows ACLs are in play.
On the wikipage:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
It says this:
Do not set ANY additional share parameters, such as force user or valid
users. Adding them to the share definition can prevent you from
configuring or using the share.
However, there isn't anything on the POSIX wikipage:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs
> I have scanned the WiKi and can find no reference to adding the line:
> acl_xattr:ignore system acl = yes
> to either the share share definition or the global section of smb.conf when using Windows ACLs.
Using that setting only really makes sense if you are using Windows
ACL's, because you want to use the system acl's if using setfacl.
Whichever method you use, Windows or POSIX ACL's, you should not mix
them. Either set the permissions from Windows or on the Samba server
using setfacl.
Rowland
> Is it worth making this clear by adding it to the https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
> page?
>
> Roy
More information about the samba
mailing list