I can answer part of that - meaning, the part about the ACLs.
An ACL simply contains entries that controls access to objects (files,
folders, etc.). These entries will specify a user (or group of users) that
can access a particular object - as well as the type of access that is
allowed.
When a user logs onto a MS domain, an access token is created that "holds"
the users credentials. When a user tries to access an object, the
credentials in the token are compared with the info in the ACL. If there's
a match, the user is granted access to that particular object.
As far as SAMBA is concerned, I'm afraid that's still alien territory for
me.
John
Summerfield To: [EMAIL PROTECTED]
<[EMAIL PROTECTED] cc:
.au> Subject: Re: NT server consolidation
with
Sent by: Linux samba
on 390 Port
<[EMAIL PROTECTED]
ARIST.EDU>
01/30/2002
04:31 PM
Please respond
to Linux on 390
Port
> For the benefit of those of us who are only too ready to admit all our
> ignorance when it comes to Linux on the Mainframe, could someone explain
> what ACLs (Access Control Lists are and how they relate to SAMBA?
>
> We had a set of NT servers lately that we wanted to migrate to Linux/390
> SAMBA for cost purposes. The cost savings would have been enormous. The
NT
> weenies did everything they could to shut us up and "prove" that we
couldn't
> do the job, desparately looking for anything and everything that NT could
do
> that SAMBA couldn't. They finally focused on the fact that individual NT
> users can define, by userid, who has what privileges on each file in
their
> shared folder and SAMBA can't do that unless the administrator goes in
and
> does it for them. They managed to turn it into a show-stopper for us.
>
> Could ACLs do this for us?
>
> If so , where do we get it for 390 Linux?
>
i have a supplementary question:
I recently set up Samba as a PDC. I'm certainly no Windows guru - when it
comes to Windows networking I hope it's like OS/2 until proven wrong.
One thing I can do on NT is define classes of users - regular impotents,
power users, administrators.
All I could discover on Linux was how to create administrators, - everyone
else is a regular impotent.
Can one create different classes? if so, how?
--
Cheers
John Summerfield
Microsoft's most solid OS: http://www.geocities.com/rcwoolley/
Note: mail delivered to me is deemed to be intended for me, for my
disposition.
