Re: [Samba] Cannot set ACL for Authenticated Users
Hi Jeremy, thanks for your answer. Le 29/04/2011 20:00, Jeremy Allison a écrit : On Fri, Apr 29, 2011 at 04:11:34PM +0200, Arnaud Lesauvage wrote: Yes, windows PDC running Windows 2003 R2 (NO unix extensions). wbinfo -u works fine. But wbinfo -Y S-1-5-11 returns Could not convert sid S-1-5-11 to gid And that is exactly what happened to the OP of the discussion I quoted in my original message. Try force unknown acl user = yes Nope, no better. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
Le 29/04/2011 14:45, Aaron E. a écrit : Does the file system your working with support ACL? IS it set to use acls in the /etc/fstab? Hi Aaron, thanks for your answer. Yes, it is set to use ACL and usr_xattr. Both work well. But Authenticated Users seem to be not mappable to a gid. On 04/29/2011 06:24 AM, Arnaud Lesauvage wrote: Hi list ! I have found someone having a similar problem back in 2007 (http://lists.samba.org/archive/samba/2007-April/131574.html), but as I understand it, this problem is fixed for a long time now. So basically, I am trying to give Authenticated Users some permissions on a folder in a samba share, but when I wheck back either with my windows GUI or via getfacl, the permission has just been dismissed and nothing ahas changed. The serveur is running samba version 3.2.7 on OpenSuse 11. Here is the result of testparm : [global] workgroup = dom realm = dom.ext server string = Samba Server security = ADS password server = pdc1.dom.ext pdc2.dom.ext idmap uid = 1200-2 idmap gid = 1200-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind expand groups = 3 And for the share where the folder is stored : [data] comment = data path = /srv/samba/data valid users = @LOCAL+Domain Users admin users = @LOCAL+Domain Admins read only = no browseable = no map acl inherit = yes inherit acls = yes create mask = 0600 directory mask = 0700 store dos attributes = yes csc policy = disable What should I change to be able to attribute permissions to the Authenticated Users group ? Thanks a lot for your help ! Arnaud -- Arnaud Lesauvage IT Executive Codata Belgium SA 143-145, Avenue bourgmestre Jean Materne - 5100 Namur - Belgium Tel : +32 81 21 53 48 - Fax : +32 81 21 54 24 Mel : arnaud.lesauv...@codata.eu Web : http://www.codata.eu/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
Does the file system your working with support ACL? IS it set to use acls in the /etc/fstab? On 04/29/2011 06:24 AM, Arnaud Lesauvage wrote: Hi list ! I have found someone having a similar problem back in 2007 (http://lists.samba.org/archive/samba/2007-April/131574.html), but as I understand it, this problem is fixed for a long time now. So basically, I am trying to give Authenticated Users some permissions on a folder in a samba share, but when I wheck back either with my windows GUI or via getfacl, the permission has just been dismissed and nothing ahas changed. The serveur is running samba version 3.2.7 on OpenSuse 11. Here is the result of testparm : [global] workgroup = dom realm = dom.ext server string = Samba Server security = ADS password server = pdc1.dom.ext pdc2.dom.ext idmap uid = 1200-2 idmap gid = 1200-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind expand groups = 3 And for the share where the folder is stored : [data] comment = data path = /srv/samba/data valid users = @LOCAL+Domain Users admin users = @LOCAL+Domain Admins read only = no browseable = no map acl inherit = yes inherit acls = yes create mask = 0600 directory mask = 0700 store dos attributes = yes csc policy = disable What should I change to be able to attribute permissions to the Authenticated Users group ? Thanks a lot for your help ! Arnaud -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
Le 29/04/2011 14:45, Aaron E. a écrit : Does the file system your working with support ACL? IS it set to use acls in the /etc/fstab? Hi Aaron, thanks for your answer. Yes, it is set to use ACL and usr_xattr. Both work well. But Authenticated Users seem to be not mappable to a gid. On 04/29/2011 06:24 AM, Arnaud Lesauvage wrote: Hi list ! I have found someone having a similar problem back in 2007 (http://lists.samba.org/archive/samba/2007-April/131574.html), but as I understand it, this problem is fixed for a long time now. So basically, I am trying to give Authenticated Users some permissions on a folder in a samba share, but when I wheck back either with my windows GUI or via getfacl, the permission has just been dismissed and nothing ahas changed. The serveur is running samba version 3.2.7 on OpenSuse 11. Here is the result of testparm : [global] workgroup = dom realm = dom.ext server string = Samba Server security = ADS password server = pdc1.dom.ext pdc2.dom.ext idmap uid = 1200-2 idmap gid = 1200-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind expand groups = 3 And for the share where the folder is stored : [data] comment = data path = /srv/samba/data valid users = @LOCAL+Domain Users admin users = @LOCAL+Domain Admins read only = no browseable = no map acl inherit = yes inherit acls = yes create mask = 0600 directory mask = 0700 store dos attributes = yes csc policy = disable What should I change to be able to attribute permissions to the Authenticated Users group ? Thanks a lot for your help ! Arnaud -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
Windows PDC? Does wbinfo -u return a list of domain users? On 04/29/2011 09:44 AM, Arnaud Lesauvage wrote: Le 29/04/2011 14:45, Aaron E. a écrit : Does the file system your working with support ACL? IS it set to use acls in the /etc/fstab? Hi Aaron, thanks for your answer. Yes, it is set to use ACL and usr_xattr. Both work well. But Authenticated Users seem to be not mappable to a gid. On 04/29/2011 06:24 AM, Arnaud Lesauvage wrote: Hi list ! I have found someone having a similar problem back in 2007 (http://lists.samba.org/archive/samba/2007-April/131574.html), but as I understand it, this problem is fixed for a long time now. So basically, I am trying to give Authenticated Users some permissions on a folder in a samba share, but when I wheck back either with my windows GUI or via getfacl, the permission has just been dismissed and nothing ahas changed. The serveur is running samba version 3.2.7 on OpenSuse 11. Here is the result of testparm : [global] workgroup = dom realm = dom.ext server string = Samba Server security = ADS password server = pdc1.dom.ext pdc2.dom.ext idmap uid = 1200-2 idmap gid = 1200-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind expand groups = 3 And for the share where the folder is stored : [data] comment = data path = /srv/samba/data valid users = @LOCAL+Domain Users admin users = @LOCAL+Domain Admins read only = no browseable = no map acl inherit = yes inherit acls = yes create mask = 0600 directory mask = 0700 store dos attributes = yes csc policy = disable What should I change to be able to attribute permissions to the Authenticated Users group ? Thanks a lot for your help ! Arnaud -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
Yes, windows PDC running Windows 2003 R2 (NO unix extensions). wbinfo -u works fine. But wbinfo -Y S-1-5-11 returns Could not convert sid S-1-5-11 to gid And that is exactly what happened to the OP of the discussion I quoted in my original message. Le 29/04/2011 16:00, Aaron E. a écrit : Windows PDC? Does wbinfo -u return a list of domain users? On 04/29/2011 09:44 AM, Arnaud Lesauvage wrote: Le 29/04/2011 14:45, Aaron E. a écrit : Does the file system your working with support ACL? IS it set to use acls in the /etc/fstab? Hi Aaron, thanks for your answer. Yes, it is set to use ACL and usr_xattr. Both work well. But Authenticated Users seem to be not mappable to a gid. On 04/29/2011 06:24 AM, Arnaud Lesauvage wrote: Hi list ! I have found someone having a similar problem back in 2007 (http://lists.samba.org/archive/samba/2007-April/131574.html), but as I understand it, this problem is fixed for a long time now. So basically, I am trying to give Authenticated Users some permissions on a folder in a samba share, but when I wheck back either with my windows GUI or via getfacl, the permission has just been dismissed and nothing ahas changed. The serveur is running samba version 3.2.7 on OpenSuse 11. Here is the result of testparm : [global] workgroup = dom realm = dom.ext server string = Samba Server security = ADS password server = pdc1.dom.ext pdc2.dom.ext idmap uid = 1200-2 idmap gid = 1200-2 winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind expand groups = 3 And for the share where the folder is stored : [data] comment = data path = /srv/samba/data valid users = @LOCAL+Domain Users admin users = @LOCAL+Domain Admins read only = no browseable = no map acl inherit = yes inherit acls = yes create mask = 0600 directory mask = 0700 store dos attributes = yes csc policy = disable What should I change to be able to attribute permissions to the Authenticated Users group ? Thanks a lot for your help ! Arnaud -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot set ACL for Authenticated Users
On Fri, Apr 29, 2011 at 04:11:34PM +0200, Arnaud Lesauvage wrote: Yes, windows PDC running Windows 2003 R2 (NO unix extensions). wbinfo -u works fine. But wbinfo -Y S-1-5-11 returns Could not convert sid S-1-5-11 to gid And that is exactly what happened to the OP of the discussion I quoted in my original message. Try force unknown acl user = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba