Web lists-archives.com

Re: [Samba] Missing security tab samba 4.1.13

Hi Rowland,

>> Hi all,
>> I followed the installation instructions
>> on https://imanudin.net/2014/11/16/how-to-install-samba4-active-directory-on-centos-7-part-1/#comment-16611
>> to install Samba 4.1.13. One difference is that I used the Internal
>> DNS server as opposed to the external one. 

>I suppose you totally missed the fact that the 4.1.x series went EOL
>quite some time ago, in fact 4.6.0 should be out this month.

>Why follow that particular howto ?

Well, I googled for a fair amount of them and this one had a fair amount of comments to it, which proved useful as I encountered some of the errors and was able to learn from them. Also, I was able to add my own solutions to other people's problems, which I like. In that way it becomes a community driven How To. In my experience those work out better often.

>> I was able to add a Windows 7 Pro workstation to the domain and I see
>> the shares I added in smb.conf (with only the path and the read only
>> setting to "no"), but on those shares I miss the Security tab. I
>> added the correct privilege to the administrators group.The default
>> shares like netlogon and sysvol do show the Security tab. 
>> I did see a difference when I do a getfacl for those folders as
>> opposed to the ones I created. For the latter I do not get any ACL
>> configuration.
>> Am I supposed to do a manual setfacl for my own shares?


OK - I did not find that on https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs . I suppose it should be added to that howto. 

Can I simply copy the ACLs of "netlogon" or "sysvol"?

>> One other thing is that the administration of the shares behaves
>> unstable when I have IPv6 enabled, so that is disabled now.

>Could be down to not having the reverse zone set up.

Good point, I don't have that. I suppose I miss a pointer record for the server then.

>> I have been browsing the web for hours, but it doesn not seem to be a
>> typical problem.

>Did you think to go to the source ????


>Specifically this page:


Ha, you are now referencing to the page I just mentioned. It does not mention setting ACLs, which should be added I suppose.


Cheers Rowland

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba