Web lists-archives.com

Re: [Samba] Windows ACL clarification for Roaming Profiles share

On Fri, 17 Feb 2017 07:58:58 +0100
Marc Muehlfeld <mmuehlfeld@xxxxxxxxx> wrote:

> Am 16.02.2017 um 17:27 schrieb Rowland Penny via samba:
> > However, SYSTEM is used in sysvol and Windows expects it.
> Clients, who are accessing the share, do not require it to be set on
> the local filesystem the share uses on the server, because SYSTEM is
> a local principal on each host (in this case, the DC that hosts the
> sysvol share).
> The sysvol share works also if you remove the SYSTEM principal. The
> principal is used, as everywhere else, to enable e. g. local services
> that use the SYSTEM account, to access the content on the local file
> system. That's why it is usually added to file system ACLs everywhere
> on Windows, but it's nothing Windows expects nor requires.
> For this reason, if you remove SYSTEM from the Sysvol's file system
> ACLs, the share works completely the same. Regardless if you do this
> on a Windows or on a Samba DC.

So, I give you a link to a Microsoft page that shows what accounts are
required for the profiles share and you choose to ignore it ????


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba