[Samba] Migration of files with Windows ACL's to Samba server
Borut Rozman
borut.rozman at bioch.ox.ac.uk
Fri Jul 28 13:27:34 UTC 2023
Hi Rowland,
Sorry for the vague reply, will add more info:
FS is ext4 over NFS4.0, so from the storage server ls -lad gives me
drwxrws--- 2 privuser serviceaccounts 4096 Jul 28 14:01 testg/
testparam -s
oad smb config files from /etc/samba/smb.conf
lpcfg_do_global_parameter: WARNING: The "encrypt passwords" option is
deprecated
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility
fallback)
Server role: ROLE_DOMAIN_MEMBER
# Global parameters
[global]
bind interfaces only = Yes
dns proxy = No
domain master = No
hostname lookups = Yes
interfaces = lo ens19
keepalive = 30
load printers = No
local master = No
log file = /var/log/samba/log.%m
max log size = 1000
min domain uid = 0
netbios name = STORE-SMB1
realm = DOMAIN.EXAMPLE.COM
security = ADS
server string = store-smb1 Samba Server
username map = /etc/samba/user.map
winbind nss info = rfc2307
workgroup = DOMAIN
rpc_server:netlogon = disabled
idmap config domain:unix_primary_group = yes
idmap config domain:unix_nss_info = yes
idmap config domain:range = 10000-999999
idmap config domain:schema_mode = rfc2307
idmap config domain:backend = ad
idmap config * : range = 3000-4999
idmap config * : backend = tdb
hosts allow = 192.168.72.0/255.255.255.0
hosts deny = 0.0.0.0/0
include = /etc/samba/shares.conf
inherit acls = Yes
inherit permissions = Yes
map acl inherit = Yes
vfs objects = acl_xattr
[testg]
comment = Ocms2019 testing share for ACL testing purposes
map archive = No
path = /storage/testg
read only = No
So /storage is a NFS mount from a second server.
server2:/storage/ 201T 40T 153T 21% /storage
regards
Borut
On Fri, 2023-07-28 at 14:12 +0100, Rowland Penny via samba wrote:
>
>
> On 28/07/2023 13:50, Borut Rozman via samba wrote:
> > Hi Nick,
> > Sorry for the late reply, been busy
> > with some other issues, and this was not such a priority
> >
> > Basically I have
> >
> > vfs objects = acl_xattr
> > inherit acls = yes
> > inherit permissions = yes
> > map acl inherit = yes
> >
> >
> > in my samba global config and shares are normal shares:
> >
> > [testg]
> > comment = privuser testing share for ACL testing purposes
> > path = /storage/testg
> > browseable = yes
> > read only = no
> > inherit acls = yes
> > inherit permissions = yes
> > map archive = no
> >
> > But when I want as this user - privuser to change any
> > permissions/acls/anything on any file in that share it gives me:
> > Unable
> > to save permission changes to file, The request is not supported.
> >
> > So looks like I am missing something?
> >
> > Regards
> > Borut
> >
>
> Hi, Whilst you have given us some info, you do not seem to have given
> us
> much. Just about all you have told is that you are running Samba
> 4.17.9
> On Debian 12 and that you are running it as a server, but what sort
> of
> server ?
>
> Would it be possible for you to post the output of 'testparm -s' ?
> Sanitised if you must.
> Also the output of 'ls -lad /storage/testg'
>
> It will probably also help if you can tell us what the filesystem is.
>
> Rowland
>
>
More information about the samba
mailing list