Hi all, I followed the installation instructions on https://imanudin.net/2014/11/16/how-to-install-samba4-active-directory-on-centos-7-part-1/#comment-16611 to install Samba 4.1.13. One difference is that I used the Internal DNS server as opposed to the external one. I was able to add a Windows 7 Pro workstation to the domain and I see the shares I added in smb.conf (with only the path and the read only setting to "no"), but on those shares I miss the Security tab. I added the correct privilege to the administrators group.The default shares like netlogon and sysvol do show the Security tab. I did see a difference when I do a getfacl for those folders as opposed to the ones I created. For the latter I do not get any ACL configuration. Am I supposed to do a manual setfacl for my own shares? One other thing is that the administration of the shares behaves unstable when I have IPv6 enabled, so that is disabled now. I have been browsing the web for hours, but it doesn not seem to be a typical problem. I hope someone has an idea, cheers all! Met Vriendelijke Groet, Kind Regards, Salutations, Bart Coninckx Bits 'n Tricks BVBA Hoge Mierdse Heide 182 2360 Oud-Turnhout tel. +32 14 480 820 gsm +32 478 88 33 08 info at bitsandtricks.com http://www.bitsandtricks.com BTW: BE0817.401.875 Crelan BE46 8601 0806 3436 Voor onze Algemene Voorwaarden, zie: http://www.bitsandtricks.com/index.php/contact/algemene-voorwaarden
On Sat, 4 Mar 2017 22:09:16 +0100 Bart Coninckx via samba <samba at lists.samba.org> wrote:> Hi all, > > > I followed the installation instructions > on https://imanudin.net/2014/11/16/how-to-install-samba4-active-directory-on-centos-7-part-1/#comment-16611 > to install Samba 4.1.13. One difference is that I used the Internal > DNS server as opposed to the external one.I suppose you totally missed the fact that the 4.1.x series went EOL quite some time ago, in fact 4.6.0 should be out this month. Why follow that particular howto ?> > > I was able to add a Windows 7 Pro workstation to the domain and I see > the shares I added in smb.conf (with only the path and the read only > setting to "no"), but on those shares I miss the Security tab. I > added the correct privilege to the administrators group.The default > shares like netlogon and sysvol do show the Security tab. > > I did see a difference when I do a getfacl for those folders as > opposed to the ones I created. For the latter I do not get any ACL > configuration. > > > Am I supposed to do a manual setfacl for my own shares?Yes> > One other thing is that the administration of the shares behaves > unstable when I have IPv6 enabled, so that is disabled now.Could be down to not having the reverse zone set up.> > > I have been browsing the web for hours, but it doesn not seem to be a > typical problem.Did you think to go to the source ???? https://wiki.samba.org/index.php/Main_Page Specifically this page: https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs Rowland
Hi Rowland,>> Hi all, >> >> >> I followed the installation instructions >> on https://imanudin.net/2014/11/16/how-to-install-samba4-active-directory-on-centos-7-part-1/#comment-16611 >> to install Samba 4.1.13. One difference is that I used the Internal >> DNS server as opposed to the external one.>I suppose you totally missed the fact that the 4.1.x series went EOL >quite some time ago, in fact 4.6.0 should be out this month.>Why follow that particular howto ?Well, I googled for a fair amount of them and this one had a fair amount of comments to it, which proved useful as I encountered some of the errors and was able to learn from them. Also, I was able to add my own solutions to other people's problems, which I like. In that way it becomes a community driven How To. In my experience those work out better often.>> >> >> I was able to add a Windows 7 Pro workstation to the domain and I see >> the shares I added in smb.conf (with only the path and the read only >> setting to "no"), but on those shares I miss the Security tab. I >> added the correct privilege to the administrators group.The default >> shares like netlogon and sysvol do show the Security tab. >> >> I did see a difference when I do a getfacl for those folders as >> opposed to the ones I created. For the latter I do not get any ACL >> configuration. >> >> >> Am I supposed to do a manual setfacl for my own shares?>YesOK - I did not find that on https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs . I suppose it should be added to that howto. Can I simply copy the ACLs of "netlogon" or "sysvol"?>> >> One other thing is that the administration of the shares behaves >> unstable when I have IPv6 enabled, so that is disabled now.>Could be down to not having the reverse zone set up.Good point, I don't have that. I suppose I miss a pointer record for the server then.>> I have been browsing the web for hours, but it doesn not seem to be a >> typical problem.>Did you think to go to the source ????>https://wiki.samba.org/index.php/Main_Page>Specifically this page:>https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLsHa, you are now referencing to the page I just mentioned. It does not mention setting ACLs, which should be added I suppose.>RowlandCheers Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba