I am running samba 3.0.4 member server in domain mode bound to an NT4 PDC.
I am running winbind to get domain account info. I can create ACL
entries using
the unix setfacl comand and can verify with getfacl. However a Win2K client
will only show the basic user/group/other permisions translated to
windows ACLs
and none of the extended ACL entries that I have created under unix. I
can also not
add and ACL entries using the win2k security tab. Ie add a DOMAIN\User
entry
to the files ACL. Are extended unix ACLs known to work with windows clients
under samba.
Regards
Mike
--
Mike Sullivan V.P. Performance Computing
@lliance Technologies, Voice: (416) 385-3255 x 228,
18 Wynford Dr, Suite 407 Fax: (416) 385-1774
Toronto, ON, Canada, M3C-3S2 Toll Free:1-877-216-3199
http://www.alltec.com
Yes, as far back as 2.2.something Samba supports ACLs so long as the underlying filesystem on the server supports ACLs. First things to check: 1) Your underlying filesystem has ACL support. 2) You Samba has been compiled with ACL support. Verifying the above will differ somewhat from distro to distro. -- Nathan R. Valentine <nathan@nathanvalentine.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040515/afd0403c/attachment.bin
Nathan
I have configured with the following flags.
./configure --with-winbind --with-acl-support --with-pam --with-smbmount --w
ith-ads
and the OS definately supports ACLs as I can add domain users via the
setfacl command. Even when I add an ACL entry via this method the
security tab on the PDC will not display anything other than the
owner/group/Everyone permissions. I get permission denied when I try
to add an ACL entry via the PDC gui tool.
Mike
>Yes, as far back as 2.2.something Samba supports ACLs so long as the
>underlying filesystem on the server supports ACLs. First things to
>check:
>
>1) Your underlying filesystem has ACL support.
>2) You Samba has been compiled with ACL support.
>
>Verifying the above will differ somewhat from distro to distro.
>
>--
>Nathan R. Valentine <nathan at nathanvalentine.org
<http://lists.samba.org/mailman/listinfo/samba>>
>-------------- next part --------------
>A non-text attachment was scrubbed...
>Name: not available
>Type: application/pgp-signature
>Size: 189 bytes
>Desc: This is a digitally signed message part
>Url :
http://lists.samba.org/archive/samba/attachments/20040515/afd0403c/attachment.bin
>
>
--
Mike Sullivan V.P. Performance Computing
@lliance Technologies, Voice: (416) 385-3255 x 228,
18 Wynford Dr, Suite 407 Fax: (416) 385-1774
Toronto, ON, Canada, M3C-3S2 Toll Free:1-877-216-3199
http://www.alltec.com