Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
- Date: Wed, 12 Jul 2017 15:48:57 -0500
- From: Andrew Walker via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
On Wed, Jul 12, 2017 at 1:45 AM, Rowland Penny via samba <
> If Freebsd has modified Samba so that it will provision and run on
> NFSv4 ACLs, then I would suggest they prepare patches and submit them
> to the samba-technical mailing list. This is always provided they are
> not just using the deprecated ntvfs server.
I believe can see the current patches applied to the FreeBSD samba port by
running the following commands on a FreeBSD system
The current FreeBSD 4.6 patches will be listed under
> > Its seems that Samba *must* run a separate member server (or
> > standalone) for both samba4 and nfsv4 to co-exist (and use nfsv4
> > ACLs)?
> Yes, running Samba as a Unix domain member will work, but it is
> possible you will not be able to set ACLs from windows.
When FreeBSD is joined to an AD domain as a member server, you will be able
to change permissions from a Windows client if you have 'zfsacl' enabled
(and the rest of samba is properly configured). Everything works as
expected. I've been running such a setup in production for a number of
> Previously it has been very unclear (ref 3-Volker's comment) whether
> > to use POSIX or nfsv4 ACL's. Though the wiki is clearer now. And
> > for the reference, FreeBSD's getfacl and setfacl operate on POSIX and
> > NFSv4 ACLs
> At the moment, Samba, on a DC, has no concept of NFSv4 ACLs, so you
> need to use a filesystem such as ext4. I have tried UFS and ZFS on
> Freebsd and cannot get either to work with a Samba AD DC.
Out of curiosity, have you tried it on a FreeNAS VM through the webui? I
believe that it works there, but I haven't found time to play around with
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the