On Dec 17, 2009, at 8:35 AM, George K Colley wrote: >>> unix extension on or off has no affect on ACL support. We turn on NT Style >>> ACL support only if we think the Server, Client and Network Log in user all >>> belong to the same Domain. >> >> How to check it or enforce it? >> >> Setup is next: >> 1) On OSX 10.5 server OpenDirectory + samba PDC. > ON 10.5 we require that the mount point be owned by an AD user and the log > user is an AD user.
There is no AD. OSX server acts as PDC. But in smb.conf on this server it is pointed that profiles and homes should be taken from linux server (for windows clients domain logons). We mount nothing on 10.5 server itself. it just acts as authorization center for all kind of services. On linux file-server, obviously, home shares are same user home directories we share over NFS. So, permissions are OK. >> 2) Linux server with samba (member of domain hosted on OSX) > Can't be some with 10.5 clients Didn't get your point here. >> 3) OSX 10.6 client. >> >> OSX client login as OpenDirectory user. In opendirectory apple-user-homeurl >> set to point to samba share on linux server. > Need to return the correct info in the WhoAMI call. I will need to look at > the code. So let me get back to you on this one. OK, I'll test it today. Anton. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
