[Samba] samba-tool dsacl woes

samba-ml-en samba-ml-en at protonmail.com
Thu May 26 22:40:30 UTC 2022


Thank you Kees and and Rowland this works like a charm indeed.

Eric

------- Original Message -------
On Friday, May 27th, 2022 at 1:12 AM, Kees van Vloten via samba samba at lists.samba.org wrote:

> I had issues with "samba-tool dsacl" some time ago, Rowland helped to
> find a work-around:
>
> # Return current DS-ACL
> ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b
> 'OU=AMS,OU=Org,DC=ad2,DC=xxx,DC=eu' 'nTSecurityDescriptor'
>
> # Set new DS-ACL
> cat << EOF > tempfile
>
> dn: OU=AMS,OU=Org,DC=ad2,DC=xxx,DC=eu
> changetype: modify
> replace: nTSecurityDescriptor
> nTSecurityDescriptor: {{ put_expected_dsacl_here }}
> EOF
> ldbmodify -H /var/lib/samba/private/sam.ldb tempfile
>
> Hopefully this trick works for you as well
>
> - Kees


More information about the samba mailing list