Web lists-archives.com

Re: [Samba] Using samba AD in mixed OS environment

Hi Denis.

Since we have "tricky" people working on the Linux machines we prefer NFS
because it's less hassle to mount and requires no credentials. Basically
because of the users we tend to choose the easiest possible way for them to
access the needed resources. I guess  pam-script module mounting is exactly
for this purpose, but I'll to research more since I'm not familiar with it.


On Wed, May 2, 2018 at 9:00 AM, Denis Cardon <dcardon@xxxxxxxxxxx> wrote:

> Hi Zdravko,
> I've got working samba AD server. It is playing nicely with Windows 10 and
>> also successfully authenticating Linux machines with SSSD.
>> On the Windows machines I have our EMC storage smb mounted via group
>> policy. Managing permissions for users and groups there, as you know,
>> happens with right click, security etc..
>> As you may have already guessed the troubles come when my Linux machines,
>> that access the storage via nfs mount, need to work with folders and files
>> created from the Windows PCs. Linux doesn't "see" the actual user/group
>> that owns given folder. It interprets it into numbers, some kind of UID
>> that comes from the Windows machines.
> unless you definitly need NFS for some reasons you should go for a
> mount.cifs for share access. Having two different protocols is bound to
> have issues with ownership and ACLs. And if you really need POSIX support,
> you can still have it with Unix Extensions, although it will retrict you to
> SMB1 support, which is very chatty and not so fast.
> By the way, you can mount a CIFS share at session startup using pam-script
> module.
> Cheers,
> Denis
> I'm quite sure that this is common and known issue, but I don't know what
>> is the right way to deal with it, so any wisdom will be helpful.
>> Thanks
>> Z
> --
> Denis Cardon
> Tranquil IT Systems
> Les Espaces Jules Verne, bâtiment A
> 12 avenue Jules Verne
> 44230 Saint Sébastien sur Loire
> tel : +33 (0)
> http://www.tranquil.it
> Samba install wiki for Frenchies : https://dev.tranquil.it
> WAPT, software deployment made easy : https://wapt.fr
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba