Hello, I'm considering moving our windows shares (2003 domain) to a samba server, to improve performance, setup clustering and use scheduled lvm snapshots. However, I've not clarified how our current security policy would be applied on this server and like to ask you some things (sorry, I'm sure they already have been posted but there is so much on this topic to read I prefer to ask again)
Currently, we manage security on our shares by : * giving full control to everybody at the "share" level * restricting rights at the "security" level By switching to samba, we face a set of challenges : * Joining the domain and retrieving users and groups from the windows domain to the samba server. As I know, this is ok and is well done with winbind * Changes to our security policy. We will have to manage security at the linux/samba level and this raises some questions: - is it still possible to keep the security management at the file level (by giving full control at the share level and thus eliminating botherings on this side) ? I know there are some limitations when mapping posix acls to windows one but that might be acceptable. - I've tried to manage posix acls on ext3 via konqueror which I could find a good alternative to windows' gui but I'd prefer a web front end. Would you have some nice web gui to recommend ? Thanks in advance, Regards, -- Mikael Kermorgant -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba