Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
- Date: Wed, 12 Jul 2017 07:45:02 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
On Wed, 12 Jul 2017 13:36:01 +1000
Dewayne Geraghty <dewayne.geraghty@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Rowland, Are you saying that Samba46 won't provision on a file system
> that has NFSv4 ACL enabled, rather than POSIX.1e (or no additional
> ACL's, the usual default settings which allow only
> owner:group:other) ? I would've thought that Samba would more closely
> emulate Windows with the richer ACLs from NFSv4...
At present, a Samba AD DC must be provisioned on a filesystem that
supports the type of ACLs that ext4 supports, this unfortunately
doesn't include NFSv4 ACLs.
> James - I have FreeBSD11.1Prelease with AD provisioned. (no NFSv4).
> And contrary to Ref  below, Extended ACL's are enabled by default.
If Freebsd has modified Samba so that it will provision and run on
NFSv4 ACLs, then I would suggest they prepare patches and submit them
to the samba-technical mailing list. This is always provided they are
not just using the deprecated ntvfs server.
> Its seems that Samba *must* run a separate member server (or
> standalone) for both samba4 and nfsv4 to co-exist (and use nfsv4
Yes, running Samba as a Unix domain member will work, but it is
possible you will not be able to set ACLs from windows.
> Previously it has been very unclear (ref 3-Volker's comment) whether
> to use POSIX or nfsv4 ACL's. Though the wiki is clearer now. And
> for the reference, FreeBSD's getfacl and setfacl operate on POSIX and
> NFSv4 ACLs
At the moment, Samba, on a DC, has no concept of NFSv4 ACLs, so you
need to use a filesystem such as ext4. I have tried UFS and ZFS on
Freebsd and cannot get either to work with a Samba AD DC.
To unsubscribe from this list go to the following URL and read the