[Samba] editing samba-share ACLs etc from Windows
rpenny at samba.org
Thu Oct 20 11:14:14 UTC 2022
On 20/10/2022 12:04, Stefan G. Weichinger via samba wrote:
> Am 20.10.22 um 11:13 schrieb Rowland Penny via samba:
>>> # Use settings from AD for login shell and home directory
>>> winbind nss info = template
>> That is interesting, mainly because you are using the idmap 'rid'
>> backend, you can only use rfc2307 attributes from AD if you use the
>> idmap 'ad' backend, so you might as well remove those two lines.
>>> template shell = /bin/bash
>>> template homedir = /mnt/samba/Daten/%U
> The lines above or below your comment?
The lines 'above', I would have said 'these' if I meant the lines
'below', unless I was having another senior moment :-D
>>> # ACLs
>>> store dos attributes = Yes
>>> map acl inherit = Yes
>>> #vfs objects = acl_xattr full_audit
>>> vfs objects = acl_xattr
>>> # Audit settings
>>> full_audit:prefix = %u|%I|%m|%S
>>> full_audit:failure = connect
>>> full_audit:success = mkdir rmdir read pread write pwrite rename unlink
>>> full_audit:facility = local5
>>> full_audit:priority = notice
>> You might as well comment out the audit settings, you are not using them.
> Sure, understood. Disabled that a while ago.
>>> comment = Daten
>>> path = /mnt/samba/
>>> read only = No
>>> create mask = 0775
>>> directory mask = 02775
>>> force directory mode = 0775
>>> #wide links = yes
>>> #veto oplock files = /*.DAT/*.dat/
>>> #oplocks = False
>>> #level2 oplocks = False
>> OK, where does it say to add all those extra lines to the share ? It
>> certainly doesn't say it here:
> As mentioned: historic and grown config ...
I suggest you add a 'test' share following the wikipage I pointed to
earlier and see if that works.
>> You didn't post the share permissions I asked for, is it possible you
>> can do so ?
> Where do I take these from?
ls -ld /mnt/samba
More information about the samba