Dan Hill
2004-Aug-01 16:17 UTC
[Samba] Preserving ACLs on files when copying from NT4 server to Samba 3.0.5 server
Hi guys. I'm running: Mandrake 9.2 Kernel 2.4.22-30mdk XFS file system Samba 3.0.5 plus patches for bugs 1315, 1319 and 1345 (self compiled) OpenLDAP 2.1.22-5mdk smbldap-tools 0.8.5 I was able to join the Samba to the NT PDC as a BDC and vampire without issue. I have setup duplicate shares on Samba and am trying to copy over the data from NT. I have tried scopy, xcopy and copying via GUI from the the NT directly to Samba but ACLs do not seem to flow properly. For example: On NT for a given file using the smbcacls command the perms are ACL:FESFOO\Domain Users:ALLOWED/0/READ ACL:BUILTIN\Administrators:ALLOWED/0/FULL ACL:FESFOO\InfoCenter:ALLOWED/0/FULL when the file or directory is copied to Samba the ACLs become ACL:FESFOO\root:ALLOWED/0/RW ACL:FESFOO\InfoCenter:ALLOWED/0/RW ACL:\Everyone:ALLOWED/0/ I can manually go in and fix these via a windows GUI but when I try to use smbcacls smbcacls -d 3 //spiderman-new/infocenter stim.zip -Uadministrator -M ACL:FESFOO/InfoCenter:ALLOWED/0/FULL I get Connecting to 192.168.242.129 at port 445 Doing spnego session setup (blob length=58) got OID=1 3 6 1 4 1 311 2 2 10 got principal=NONE Got challenge flags: Got NTLMSSP neg_flags=0x60890215 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 Connecting to host=spiderman-new Connecting to 192.168.242.129 at port 445 Doing spnego session setup (blob length=58) got OID=1 3 6 1 4 1 311 2 2 10 got principal=NONE Got challenge flags: Got NTLMSSP neg_flags=0x60890215 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 lsa_io_sec_qos: length c does not match size 8 Failed to parse ACL ACL:FESFOO/InfoCenter I have nt 'acl support = yes' in my smb.conf [global] and also have verfied Samba'ss acl support via `ldd /usr/sbin/smbd`. Any ideas how I can proceed? I am hoping to automate some things and not have to redo all the rights from scratch after migrating data. Thanks for your time. ~Dan
éric le hénaff
2004-Aug-05 09:25 UTC
[Samba] Re: Preserving ACLs on files when copying from NT4 server to Samba 3.0.5 server
i may have a related problem too. i recently upgraded from 3.0.2a to 3.0.5. the server's os is debian sarge. it provides more disk space to the domain. before the upgrade, i was able to use a very usefull copy tool : scopy.exe. this tool runs on the pdc (window NT4). i use it to copy files from the old users share on the pdc to the new users share on the samba server. i want to move some shares from the pdc to the samba server. after the upgrade, scopy answers "invalid destination : p:\" each time i try to run it. i plan to downgrade samba to 3.0.2a. thanx "Dan Hill" <dwh6@cwru.edu> a écrit dans le message de news:410D1787.7090900@cwru.edu...> Hi guys. > > I'm running: > > Mandrake 9.2 > Kernel 2.4.22-30mdk > XFS file system > Samba 3.0.5 plus patches for bugs 1315, 1319 and 1345 (self compiled) > OpenLDAP 2.1.22-5mdk > smbldap-tools 0.8.5 > > I was able to join the Samba to the NT PDC as a BDC and vampire without > issue. I have setup duplicate shares on Samba and am trying to copy > over the data from NT. I have tried scopy, xcopy and copying via GUI > from the the NT directly to Samba but ACLs do not seem to flow properly. > For example: > > On NT for a given file using the smbcacls command the perms are > > ACL:FESFOO\Domain Users:ALLOWED/0/READ > ACL:BUILTIN\Administrators:ALLOWED/0/FULL > ACL:FESFOO\InfoCenter:ALLOWED/0/FULL > > when the file or directory is copied to Samba the ACLs become > > ACL:FESFOO\root:ALLOWED/0/RW > ACL:FESFOO\InfoCenter:ALLOWED/0/RW > ACL:\Everyone:ALLOWED/0/ > > I can manually go in and fix these via a windows GUI but when I try to > use smbcacls > > smbcacls -d 3 //spiderman-new/infocenter stim.zip -Uadministrator -M > ACL:FESFOO/InfoCenter:ALLOWED/0/FULL > > I get > > Connecting to 192.168.242.129 at port 445 > Doing spnego session setup (blob length=58) > got OID=1 3 6 1 4 1 311 2 2 10 > got principal=NONE > Got challenge flags: > Got NTLMSSP neg_flags=0x60890215 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x60080215 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x60080215 > Connecting to host=spiderman-new > Connecting to 192.168.242.129 at port 445 > Doing spnego session setup (blob length=58) > got OID=1 3 6 1 4 1 311 2 2 10 > got principal=NONE > Got challenge flags: > Got NTLMSSP neg_flags=0x60890215 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x60080215 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x60080215 > lsa_io_sec_qos: length c does not match size 8 > Failed to parse ACL ACL:FESFOO/InfoCenter > > I have nt 'acl support = yes' in my smb.conf [global] and also have > verfied Samba'ss acl support via `ldd /usr/sbin/smbd`. > > Any ideas how I can proceed? I am hoping to automate some things and > not have to redo all the rights from scratch after migrating data. > > Thanks for your time. > > ~Dan > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >