[Samba] Best practice to import folders to Samba?

L.P.H. van Belle belle at bazuin.nl
Thu Jun 3 11:43:35 UTC 2021 

Hmm, did you set in smb.conf : 


    # User Administrator workaround, without it you are unable to set privileges/rights
    # A must for samba Domain members
    username map = /etc/samba/samba_usermapping 

/etc/samba/samba_usermapping  contains 
!root = ADDOM\Administrator ADDOM\administrator 

That should make the mapping so "Administrator" can see and operate "as root" 

Also, on the department folder. I see 750 as right. 
chown -R root:root .. 
chmod 2770 -R .. 


Then try again. 


Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: Anders Östling [mailto:anders.ostling at gmail.com] 
> Verzonden: donderdag 3 juni 2021 13:32
> Aan: L.P.H. van Belle
> Onderwerp: Re: [Samba] Best practice to import folders to Samba?
> 
> Hi Lois
> 
> I did exactly as you proposed, and here is what it looks like after
> 
> root at hp-fs1:/HP-data/documents# setfacl --recursive 
> --remove-all Ekonomi
> root at hp-fs1:/HP-data/documents# chmod -R o-rwx Ekonomi
> root at hp-fs1:/HP-data/documents# ls -l
> total 24
> drwxr-x---  12 administrator hp_ekonomi_ro 4096 jun  3 13:05 Ekonomi
> root at hp-fs1:/HP-data/documents# chown -R root:root Ekonomi
> root at hp-fs1:/HP-data/documents# ls -l
> total 24
> drwxr-x---  12 root          root         4096 jun  3 13:05 Ekonomi
> 
> At this point I could not see the folder Ekonomi at all (logged in as
> user Administrator on the domain). So I altered the owner from
> root.root to root.administrator. That made the folder visible again



> 
> root at hp-fs1:/HP-data/documents# chown -R administrator:root Ekonomi
> 
> And the end result is this, not at all what I expected it to be
> 
> I must be doing something wrong here...
> /Anders
> 
> On Thu, Jun 3, 2021 at 1:16 PM L.P.H. van Belle via samba
> <samba at lists.samba.org> wrote:
> >
> > Hai Andres,
> >
> > You can copy everything to the new locations and then 
> remove all old acls.
> >
> > echo "Removing old ACL's"
> > setfacl --recursive --remove-all /srv/samba/datashare
> >
> > echo "Recursively removing access to : other (guests)"
> > chmod -R o-rwx /srv/samba/datashare
> >
> > echo "Re-apply root:root on /srv/samba/datashare"
> > chown -R root:root /srv/samba/datashare
> >
> > ! Root:root is use, so only the Administrator can create 
> new folders and set rights from this point.
> >
> > At this point all subfolders are clear and ready for the new acl's.
> >
> >
> > Good luck.
> >
> > Greets,
> >
> > Louis
> >
> >
> >
> >
> > > -----Oorspronkelijk bericht-----
> > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > > Anders Östling via samba
> > > Verzonden: donderdag 3 juni 2021 12:57
> > > Aan: sambalist
> > > Onderwerp: [Samba] Best practice to import folders to Samba?
> > >
> > > I am testing to setup a new lab domain, and so far all is 
> good. 2 DC's
> > > and 2 file servers are now in the domain, along with 2 windows 10
> > > clients. Everything works as planned.
> > > Now I would like to import a large set of data files from another
> > > production domain. I have copied some folders into the new lab
> > > domain's fileserver, but permissions and ownership of 
> files are wrong.
> > > The files have retained their old GID's that does not 
> exist in the lab
> > > domain.
> > > So, I am looking for a method to strip off all ACL's and other
> > > permission related data. either before or after the 
> import (whichever
> > > is easiest).
> > > Once the files and folders are "clean", I would like to 
> put them into
> > > a number of prepared shares where they should inherit permissions,
> > > ownership etc from the shared folder.
> > >
> > > I have of course checked the wiki and about 99% of 
> Internet, but cant
> > > find any good and recent guide. Anyone here that have some advice?
> > >
> > > Best regards!
> > > Anders
> > >
> > >
> > > --
> > > ------ -------------------- 8 ------------------ ------
> > > "A wise man once told me - Any idiot can do backups, but 
> it takes a
> > > genius to successfully restore"
> > >
> > > Anders Östling
> > > +46 768 716 165 (Mobil)
> > > +46 431 45 56 01  (Hem)
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  https://lists.samba.org/mailman/options/samba
> > >
> > >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> 
> 
> 
> -- 
> ------ -------------------- 8 ------------------ ------
> "A wise man once told me - Any idiot can do backups, but it takes a
> genius to successfully restore"
> 
> Anders Östling
> +46 768 716 165 (Mobil)
> +46 431 45 56 01  (Hem)
>

More information about the samba mailing list