belrpr Guru
Joined: 22 May 2006 Posts: 440
Posted: Thu Apr 26, 2007 10:25 am Post subject: Samba ACL's
Hi,
I am replacing my Windows 2003 fileserver with a Gentoo Samba server.
I already got Samba working with AD and ACLs.
Now I have a question about the ACLs.
This is the output of getfacl /fileshares
Code:
# file: Niet\040Deletebaar
# owner: KVKOV\134rpr
# group: KVKOV\134domain\040users
user::rwx
user:KVKOV\134rpr:rwx
group::rwx
mask::rwx
other::r-x

The user who made the dir is rpr. What does the 134 mean? Then what do the user:, group:, mask: and other mean?
I hope someone can help me out.

JeroenV Guru
Joined: 16 Jul 2002 Posts: 447 Location: Amsterdam / Hamburg
Posted: Thu Apr 26, 2007 11:07 am Post subject:
\134 seems to be an encoded character, probably the "\" character, just like \040 refers to a space character.
This seems to indicate that the user that made these files is not a domain user, but logged on as a local user on one of your workstations (i.e. KVKOV).
This will give you problems later, since rpr will not have access to his files from another workstation WS2, since the PDC will recognise him as WS2\rpr, i.e. another user.
So you must make sure that your workstations are joined to the domain, and that users log on to the domain and not to the local computer. I.e. you need to set up domain accounts for your users on the PDC, with which you can log in on a workstation after it is joined to the domain.
(Note that you need XP Pro (or Win2k) on your workstations, XP Home is not domain capable!)
_________________
Cheers
Jeroen
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
May The Source be with you!

belrpr Guru
Joined: 22 May 2006 Posts: 440
Posted: Thu Apr 26, 2007 11:30 am Post subject:
JeroenV wrote: | \134 seems to be an encoded character, probably the "\" character, just like \040 refers to a space character.
This seems to indicate that the user that made these files is not a domain user, but logged on as a local user on one of your workstations (i.e. KVKOV).
This will give you problems later, since rpr will not have access to his files from another workstation WS2, since the PDC will recognise him as WS2\rpr, i.e. another user.
So you must make sure that your workstations are joined to the domain, and that users log on to the domain and not to the local computer. I.e. you need to set up domain accounts for your users on the PDC, with which you can log in on a workstation after it is joined to the domain.
(Note that you need XP Pro (or Win2k) on your workstations, XP Home is not domain capable!) |
The rpr user is a domain user.
And any info about the other questions?

JeroenV Guru
Joined: 16 Jul 2002 Posts: 447 Location: Amsterdam / Hamburg
Posted: Thu Apr 26, 2007 1:04 pm Post subject:
Hm, funny, in my domain there are no prefixes (like your KVKOV) for users and groups on the PDC.
As for the other questions, RTFM (took me 1s to google it up with "posix acl howto")
http://www.suse.de/~agruen/acl/linux-acls/online/
_________________
Cheers
Jeroen
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
May The Source be with you!
|
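Added example, not part of any post in this thread: a small Python parser for the getfacl output quoted in the first post. It decodes the octal escapes discussed in the replies (\040 is a space, \134 is a backslash) and applies the mask entry, which caps named-user, owning-group and named-group entries but not user:: or other::. The function names are illustrative.

```python
import re

# Constructed sample: the getfacl output quoted in the first post.
SAMPLE = r"""# file: Niet\040Deletebaar
# owner: KVKOV\134rpr
# group: KVKOV\134domain\040users
user::rwx
user:KVKOV\134rpr:rwx
group::rwx
mask::rwx
other::r-x
"""

def unescape(text):
    """Decode getfacl's octal escapes, e.g. \\040 (space) and \\134 (backslash)."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), text)

def parse_getfacl(output):
    """Return (header dict, [(tag, qualifier, perms), ...]) for one file's access ACL."""
    header, entries = {}, []
    for line in output.splitlines():
        line = re.split(r"\s+#effective:", line.strip())[0]
        if line.startswith("# "):
            key, _, value = line[2:].partition(": ")
            header[key] = unescape(value)
        elif line and not line.startswith("default:"):  # default ACLs only affect inheritance
            tag, rest = line.split(":", 1)
            qualifier, perms = rest.rsplit(":", 1)
            entries.append((tag, unescape(qualifier), perms))
    return header, entries

def effective(entries):
    """Apply the mask: it caps named users, the owning group and named groups,
    but never the owner (user::) or other:: entries."""
    mask = next((p for t, _, p in entries if t == "mask"), None)
    result = {}
    for tag, qualifier, perms in entries:
        if tag == "mask":
            continue
        if mask and (tag == "group" or (tag == "user" and qualifier)):
            perms = "".join(c if c == m else "-" for c, m in zip(perms, mask))
        result[f"{tag}:{qualifier}"] = perms
    return result

if __name__ == "__main__":
    header, entries = parse_getfacl(SAMPLE)
    print(header)
    print(effective(entries))
```

With the mask at rwx, as in the quoted output, every entry keeps its listed permissions; a tighter mask such as r-x would reduce the named user and group entries to r-x while leaving user:: at rwx.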

belrpr Guru
Joined: 22 May 2006 Posts: 440
Posted: Thu Apr 26, 2007 1:28 pm Post subject:
Thanks, reading it through.
Read a lot, but some texts are better than others.