Re: [Samba] Prevent Samba clients from changing group ownership?
On 06/06/12 01:35 AM, Jonathan Buzzard wrote: On Wed, 2012-06-06 at 06:47 +, Dirk Traenapp wrote: [SNIP] With this configuration i can force every new folder or file belonging to default-group of the parent folder. But won't stop me *changing* the ownership of file or folder. Right, and thanks for all the advice. We want the group ownership of all files and folders in a particular directory to be www-data, so we used chmod g+s on the directory. This seems to work well for many Samba clients, but we notice that the group ownership of files created or edited by some Samaba clients is the default group of the user, not www-data. The client is (at least one version of) Mac OS X I assume what is happening is that the g+s permission on the directory is respected when files are created, but that clients are able to change the group ownership of files, and this is what the Mac OS X client is doing? It sounds like the only way to prevent clients from changing group ownership is with rich permissions (which I haven't checked out yet) and disabling Unix extensions -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Prevent Samba clients from changing group ownership?
How can I prevent Samba clients from changing the group ownership of files? With the security mask parameter I can prevent Samba clients from changing some permission bits, but I can't find a parameter to prevent changing the group ownership -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Different create mask for subdirectory?
How can I configure a different create mask for a subdirectory of a share? I configured a share with path = /var/www and create mask = 0770. But now I want a different create mask for a subdirectory, e.g. I want create mask = 0777 for subdirectory /var/www/children -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Edit security/permissions of Windows share from Linux client?
Is there a way to edit the security/permissions of a Windows share from a Linux client? The Windows share belongs to a Windows Server 2008 server. From a Windows client I can go to the Security tab of the Properties dialog and edit the permissions. I want to do effectively the same thing, but from my Linux client Is there any way? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Change password (like smbpasswd) from Windows?
From Linux I can use smbpasswd -r 192.168.1.123 -U jack to change the password I use to map network drives. How can I do the same from Windows? I configured a Samba share that several folks connect to from their personal (Windows) laptops. They want to be able to change the passwords they use to connect to this share -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ldapsam and Windows LDAP account information?
I can browse our Windows account information with ldapsearch as below. Can I configure ldapsam passdb backend to use account information from this LDAP directory? $ ldapsearch -b dc=example,dc=com -h 192.168.1.23 -U jack -Y DIGEST-MD5 '(sAMAccountName=jack)' SASL/DIGEST-MD5 authentication started Please enter your password: SASL username: jack SASL SSF: 128 SASL data security layer installed. # extended LDIF # # LDAPv3 # base dc=example,dc=com with scope subtree # filter: (sAMAccountName=jack) # requesting: ALL # # Jack Bates, Users, example.com dn: CN=Jack Bates,OU=Users,DC=example,DC=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: Jack Bates sn: Bates givenName: Jack distinguishedName: CN=Jack Bates,OU=Users,DC=example,DC=com instanceType: 4 whenCreated: 20100208201903.0Z whenChanged: 20120224053849.0Z displayName: Jack Bates uSNCreated: 9196 name: Jack Bates objectSid:: AQUAAAUVQk92XxQ5n9Y/MI82VQQAAA== sAMAccountName: jack sAMAccountType: 805306368 userPrincipalName: j...@example.com [...] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Anything like nss_updatedb for ldapsam account information backend?
Is there anything like nss_updatedb [1] for ldapsam account information backend? nss_updatedb caches unix account information, so it is available even when the LDAP directory isn't available But ldapsam stores additional account information. How can I cache this additional account information, so it is also available even when the LDAP directory isn't available? [1] http://www.padl.com/OSS/nss_updatedb.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba