Web lists-archives.com

Re: [Samba] Windows ACL clarification for Roaming Profiles share

Marc Muehlfeld via samba wrote:

That's why it is not necessary to add SYSTEM to the file system ACLs on a Samba share: SYSTEM is just an account that exists _locally_ and is not used when connecting to network resources.
   if the share is hosting a roaming profile -- what user updates
the profile and what user updates the registry on the remote-roaming profile?
Is it SYSTEM or the user?

   2nd Q: if you use offline files to allow modifying local content even
though a server is down -- what USER is used to push those changes to the
remote system, or merge remote changes to a local user profile?  (I think
it may be SYSTEM, but can't say for sure).

   There may be some other cases where SYSTEM is used to do I/O --
if you defrag your disk,  you'll see a SYSTEM process showing as
the I/O initiator.  Some shadow copy stuff and backup stuff might need
SYSTEM to perform the I/O... (again, not sure, but...)

   If everything works in your setup...great!  just be aware
MS makes changes w/o telling users so SYSTEM might be used for something
else tomorrow.  I hear you when you say nothing is justifying it.
So... go ahead, ask MS to justify something and let us know how that
goes... ;-)  MS doesn't listen to users these days, or haven't you noticed?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba