On Dec 16, 2009, at 11:31 PM, Anton Starikov wrote: > > On Dec 17, 2009, at 8:22 AM, George K Colley wrote: > >> >> On Dec 16, 2009, at 1:39 PM, Anton Starikov wrote: >> >>> >>> On Dec 16, 2009, at 10:28 PM, Ryan Suarez wrote: >>> >>>> Anton Starikov wrote: >>>>> Then with "unix extension = yes" there os no way for propagation of ACL's? >>>>> >>>>> BTW, I tried it with "unix extension = no" on server side. According to >>>>> google it used to work on 10.5.x in this way. >>>> >>>> Nope, I'm testing with OSX v10.5.7 client and we have 'unix extensions=no' >>>> explicitly set on the server. This problem still occurs. >>>> >>> >>> Then I don't understand. I found few cases on the internet, where disabling >>> of unix extensions helped to enable ACL for 10.5.x. >>> Probably it was with older versions of Leopard with older of smbfs. >> unix extension on or off has no affect on ACL support. We turn on NT Style >> ACL support only if we think the Server, Client and Network Log in user all >> belong to the same Domain. > > How to check it or enforce it? > > Setup is next: > 1) On OSX 10.5 server OpenDirectory + samba PDC. ON 10.5 we require that the mount point be owned by an AD user and the log user is an AD user. > > 2) Linux server with samba (member of domain hosted on OSX) Can't be some with 10.5 clients > > 3) OSX 10.6 client. > > OSX client login as OpenDirectory user. In opendirectory apple-user-homeurl > set to point to samba share on linux server. Need to return the correct info in the WhoAMI call. I will need to look at the code. So let me get back to you on this one.
George > > > Anton. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
