John Drescher wrote:
On Thu, Aug 7, 2008 at 8:10 PM, Keith Sudbury <[EMAIL PROTECTED]> wrote:
Hi Guys,
I am attempting to configure AC:L's I have enabled it in smb.conf for my
share and remounted my fs with acl enabled. However if I attempt to edit
security permissions for the group "Domain Users" it creates two more group
"CREATOR GROUP" and "CREATOR OWNER" and refreshes the security properties
and then just resets the tick boxes i had selected.
I have attached a screenshot of the windows security tab, here is the share
aprt of my smb.conf
# scratch space // Sneakernet // ***NOT BACKED UP***
[Scratch]
comment = Sneakernet
path = /home/scratch
public = no
writable = yes
browseable = yes
follow symlinks = yes
force group = "Domain Users"
nt acl support = yes
create mask = 770
directory mask = 770
Have you configured idmap?
Here is what I have for a test domain called YOUR_DOMAIN
idmap domains = YOUR_DOMAIN TRUSTEDDOMAINS
idmap config YOUR_DOMAIN:backend = nss
idmap config YOUR_DOMAIN:readonly = yes
idmap config TRUSTEDDOMAINS:default = yes
idmap config TRUSTEDDOMAINS:backend = tdb
idmap config TRUSTEDDOMAINS:range = 10000 - 50000
idmap alloc backend = tdb
idmap alloc config:range = 10000 - 50000
John
Hi John,
I have...
security = ads
passdb backend = tdbsam
password server = server01.mydomain.local
realm = MYDOMAIN.LOCAL
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = yes
winbind enum users = yes
obey pam restrictions = yes
I will test what you pasted above in a VM.
Regards
--
Keith Sudbury
Netzen Solution Ltd
Suite 5, Piccadilly House, London Rd, Bath, BA1 6PL, UK
Mobile: +44 (0)7921464106
Tel: +44 (0)1225 588 588
Fax: +44 (0)1225 580 061
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
