On Thu, 23 Feb 2012, Jeremy Agee wrote:
> You should also be able to use the filesystem to control access to
> the smb share.  If acl support is on the filesytem, you can use
> these as well.  Samba should have "nt acl support = Yes" set by
> default.
Yes, this will work -- as long as SSSD or nss_ldap would be delivering 
IPA users and groups properly. This does not give the same centralized 
way of managing things though, ACLs need to be set on each server 
separately (for better, probably). 

Also, you'd still give out the fact test2 is existing on the server 
which might be unreasonable information leak in certain circumstances.

/ Alexander Bokovoy

Freeipa-users mailing list

Reply via email to