Thanks Ricky. I've enabled the file system requirements in fstab and
checked the kernel supports them (not sure how I managed to skip that
step during installation). Now the permissions changes do stick.
However, as per Andrew's email (part of this thread) - the server still
prompts for credentials on the workgroup machine when trying to access
the public/full permissions share, although I allowed full access to
Guests and Everyone. It seems there is no way to provide unauthenticated
access to shares at this moment in Samba 4.
It would have been rather useful with migrating workgroups to domains
gradually, instead of in one step - but one must be happy with one's
blessings :-) - so I'll make do the way things are.
Cheers,
Sebastian
On 15/02/13 18:00, Ricky Nance wrote:
Have you taken a look at
https://wiki.samba.org/index.php/Samba_4/OS_Requirements#File_System_Support to
ensure your file system will handle ACL's?
Ricky
On Fri, Feb 15, 2013 at 10:35 AM, Sebastian Arcus <[email protected]
<mailto:[email protected]>> wrote:
Hi Ricky,
Thanks for the reply. I have tried changing the permissions on the
netlogon share and the strange thing is that none of the changes I
do in the Security/ACL tab from the Windows XP machine which is
joined to the domain (but on the netlogon share which is on the
server) actually stick. I can access the shares fine with that
machine, but if I change the permissions, it seems to just ignore
the changes - no error message. I am logged in as the domain
Administrator - so it seems like a bit of a mystery. Then again -
maybe I've done something silly when I've setup this Samba AD DC -
although I've followed all the instructions on the Samba wiki and
everything else seems to be working fine.
Sebastian
On 14/02/13 05:31, Ricky Nance wrote:
Hi Sebastian,
Many of the per share options can now be done using ACL's. In
this case
you would open the netlogon share (via windows) start -> run ->
\\MY-SERVER\netlogon (then press enter), then right click on a blank
spot in that folder (not on any other file or folder) and select
properties. Find the security tab and you can make the
modifications you
want (specifically adding Everyone with full permissions should
give you
what you are looking for, though I have not been able to test
this yet).
If I get a chance soon I will do some testing to make sure that
the acl
change is all that is needed.
To find out what options are available, samba-tool testparm -v
will give
you a nice list (at least for global).
Ricky
On Wed, Feb 13, 2013 at 4:33 AM, Sebastian Arcus
<[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>> wrote:
I would like to migrate some of my Samba 3.x domains to
Samba 4.
Part of the functionality of the current system is allowing
some
Windows XP Pro computers, which are not joined to the
domain, access
to some public shares on the Samba server. I tried using
"map to
guest = bad user" with Samba 4 - but it appears to be
completely
ignored and the Windows XP machine keeps on prompting for
username/password when trying to access the server share.
Has this
option been dropped in Samba 4? Is there another way to
accomplish
the same?
Otherwise my Samba 4 domain seems to be working fine - and the
Windows XP Pro machines which are joined to it can access
the share
fine.
As a side note, I find it hard to figure out which smb.conf
options
are still available for Samba 4 and which are not. I've googled
around and can't seem to find a wiki page or authoritative
page.
I use Samba 4.1.0pre1
Here is my smb.conf
[global]
workgroup = MYDOMAIN
realm = mydomain.local
netbios name = MY-SERVER
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
map to guest = bad user
[netlogon]
path = /var/lib/samba/sysvol/____mydomain.local/scripts
read only = No
public = Yes
--
To unsubscribe from this list go to the following URL and
read the
instructions:
https://lists.samba.org/____mailman/options/samba
<https://lists.samba.org/__mailman/options/samba>
<https://lists.samba.org/__mailman/options/samba
<https://lists.samba.org/mailman/options/samba>>
--
--
Linux vehicle CCTV - www.open-t.co.uk/iroko
<http://www.open-t.co.uk/iroko>
--
--
Linux vehicle CCTV - www.open-t.co.uk/iroko
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
