On November 3, 2010, James D. Parra jam...@musicreports.com wrote:
Hello,
I have joined the Linux server (Suse 11.2) to the Windows domain
(win2003) and users can login to the server using their window's domain
credentials. Also can view all of the domain groups using 'wbinfo -g',
however
On Thu, Nov 04, 2010 at 11:50:03AM -0700, James D. Parra wrote:
Hello Bruce,
Still can't get setfacl to get group or user info from the AD (Windows 2003)
I have the following in nsswitch.conf;
passwd: compat ldap
group: files ldap
Have you put the correct details into the nss_ldap
- Original Message -
From: Bruce Richardson itsbr...@workshy.org
To: samba@lists.samba.org
Sent: Wednesday, November 3, 2010 6:31:44 PM GMT -08:00 US/Canada Pacific
Subject: Re: [Samba] getting error with setfacl
On Wed, Nov 03, 2010 at 05:05:28PM -0700, James D. Parra wrote:
Well
The key tool is nsswitch. Winbind may or may not be necessary,
depending on your precise set up. It's the nsswitch libraries and
configuration file which tell Linux where to fetch user and group
information.
~
Hello Bruce,
Still can't get setfacl to get group or user
Still can't get setfacl to get group or user info from the AD (Windows 2003)
snip
Somewhere is the magic to get setfacl to see the AD groups and users.
Found the problem and the solution. On the Windows AD the Unix attributes for
the groups were not
Hello,
I have joined the Linux server (Suse 11.2) to the Windows domain (win2003) and
users can login to the server using their window's domain credentials. Also can
view all of the domain groups using 'wbinfo -g', however when I try to set the
acls on a local dir' I get the follow error;
I have joined the Linux server (Suse 11.2) to the Windows domain (win2003) and
users can login to the server using their window's domain credentials. Also can
view all of the domain groups using 'wbinfo -g', however when I try to set the
acls on a local dir' I get the follow error;
#setfacl
On Wed, Nov 03, 2010 at 11:25:44PM +, Miguel Medalha wrote:
I have joined the Linux server (Suse 11.2) to the Windows domain (win2003)
and users can login to the server using their window's domain credentials.
Also can view all of the domain groups using 'wbinfo -g', however when I try
The setfacl tool knows nothing about Windos domains, hence the error
you see.
Well it does if you're using winbindd to map DOMAIN\\groupname
to a group on the box :-).
I never used Samba with AD authentication, so I don't have direct
experience with that. But immediately *after* I pressed
On Wed, Nov 03, 2010 at 11:25:44PM +, Miguel Medalha wrote:
I have joined the Linux server (Suse 11.2) to the Windows domain (win2003)
and users can login to the server using their window's domain credentials.
Also can view all of the domain groups using 'wbinfo -g', however when I try
By the way, does the Samba team have the intention to produce a command
line tool that can use the acl_xattr module to manipulate ACLs,
providing them to the OS? That would be very nice! Maybe I'm wrong, but
I see a big future there.
--
To unsubscribe from this list go to the following URL and
On Wed, Nov 03, 2010 at 05:05:28PM -0700, James D. Parra wrote:
On Wed, Nov 03, 2010 at 11:25:44PM +, Miguel Medalha wrote:
I have joined the Linux server (Suse 11.2) to the Windows domain (win2003)
and users can login to the server using their window's domain credentials.
Also
On Thu, Nov 04, 2010 at 12:05:02AM +, Miguel Medalha wrote:
By the way, does the Samba team have the intention to produce a
command line tool that can use the acl_xattr module to manipulate
ACLs, providing them to the OS? That would be very nice! Maybe I'm
wrong, but I see a big future
Not sure what you mean by providing them to the OS ? The store
in acl_xattr is a Samba-specific one. If you want the OS to use
them that means kernel changes.
Yes. A kernel module maybe, and a utility to manipulate the ACLs on xattr.
I really like your vfs_acl_xattr idea. Often I need to set
On Thu, Nov 04, 2010 at 12:23:12AM +, Miguel Medalha wrote:
Not sure what you mean by providing them to the OS ? The store
in acl_xattr is a Samba-specific one. If you want the OS to use
them that means kernel changes.
Yes. A kernel module maybe, and a utility to manipulate the ACLs on
I just noticed that my question has two aspects to it.
Leaving aside, for now, the kernel connection, it would be very nice to
have a command line tool to manipulate the ACLs stored by the
vfs_acl_xattr module, even if it's only for Samba. There must be a way,
some utility to read and write
On Thu, Nov 04, 2010 at 12:37:33AM +, Miguel Medalha wrote:
I just noticed that my question has two aspects to it.
Leaving aside, for now, the kernel connection, it would be very nice
to have a command line tool to manipulate the ACLs stored by the
vfs_acl_xattr module, even if it's only
What I meant was: the vfs_acl_xattr is a very good idea. Is there some
other way to get/set the ACLs it stores other than using the Windows
graphic interface on a Windows client machine? If not, that's what I
find uncomfortable with this solution. That's why I asked for a command
line tool to
Ok, we're on the right track now. Do you mean that smbcacls is
compatible with the use of the vfs_acl_xattr module? Will the ACLs set
with that tool be passed to the module and stored in Extended Attributes?
I just made some quick tests and indeed smbcacls does show the ACLs
stored by the
On Wed, Nov 03, 2010 at 05:05:28PM -0700, James D. Parra wrote:
Well it does if you're using winbindd to map DOMAIN\\groupname
to a group on the box :-).
~
Thank you Jeremy. What is the best way to do that?
The key tool is nsswitch. Winbind may or may not be
20 matches
Mail list logo