Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
- Date: Fri, 14 Jul 2017 17:31:46 +0800
- From: David STIEVENARD via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] FreeBSD-11 and Samba-4.6 as a DC
On 07/12/2017 02:45 PM, Rowland Penny via samba wrote:
I was about to write about my success running samba 4.3.x on
freebsd....and I found this thread...this breaks my heart ;-)
On Wed, 12 Jul 2017 13:36:01 +1000
Dewayne Geraghty <dewayne.geraghty@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
Rowland, Are you saying that Samba46 won't provision on a file system
that has NFSv4 ACL enabled, rather than POSIX.1e (or no additional
ACL's, the usual default settings which allow only
owner:group:other) ? I would've thought that Samba would more closely
emulate Windows with the richer ACLs from NFSv4...
At present, a Samba AD DC must be provisioned on a filesystem that
supports the type of ACLs that ext4 supports, this unfortunately
doesn't include NFSv4 ACLs.
James - I have FreeBSD11.1Prelease with AD provisioned. (no NFSv4).
And contrary to Ref  below, Extended ACL's are enabled by default.
If Freebsd has modified Samba so that it will provision and run on
NFSv4 ACLs, then I would suggest they prepare patches and submit them
to the samba-technical mailing list. This is always provided they are
not just using the deprecated ntvfs server.
Its seems that Samba *must* run a separate member server (or
standalone) for both samba4 and nfsv4 to co-exist (and use nfsv4
Yes, running Samba as a Unix domain member will work, but it is
possible you will not be able to set ACLs from windows.
Previously it has been very unclear (ref 3-Volker's comment) whether
to use POSIX or nfsv4 ACL's. Though the wiki is clearer now. And
for the reference, FreeBSD's getfacl and setfacl operate on POSIX and
At the moment, Samba, on a DC, has no concept of NFSv4 ACLs, so you
need to use a filesystem such as ext4. I have tried UFS and ZFS on
Freebsd and cannot get either to work with a Samba AD DC.
this incompatibility with freeBSD appeared since 4.6 ?
what is the feature that caused this change ?
To unsubscribe from this list go to the following URL and read the