> > > A late change turned on read ACL enforcement, but your directory won't
> > > have the correct ACLs set, so you can set 'acl:search=false' to return
> > > to rc5 behaviour here, until we provide an upgrade script. (This seems
> > > to hit joining windows DCs to the domain in particular).
> >
> > I added it to globals in smb.conf but could you explain why is it
> > required and what it does?
>
> With that option ('acl:search=false'), we have the same behaviour that
> we have before rc6, that is that all users can read all non-password
> attributes. The only other change is that attributes explicitly marked
> as 'confidential' are also protected from reading by normal users (this,
> also in rc6, is always done now).
Bingo! That fixed my issues!
Upgrading to GA failed, and I did a step-by-step upgrade and reached problems
at RC6.
I have a bunch of Linux machines joined to the domain using winbind, and as of
RC6 they all fail to load user information ("id username" returned no users).
The majority of winbind versions I am running are 3.5.10-125.el6 from the
CentOS 6.3 repo.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
