Discussion:
[Samba] winbind use default domain change impact on ACLs?
Coert
2016-08-06 17:32:10 UTC
Permalink
Hello all!

I have a samba server as a member of a domain with trust relationships
to two other domains.

Samba is configured with:
winbind use default domain = yes
winbind separator = +

so the domain samba is member of does not use the seperator, but the
other 2 domains do.

If I change this to winbind use default domain = no ,will I have to
update all the ACLs on the filesystem to include DOMAIN+username instead
of just username?

Kind regards,
Coert
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
mathias dufresne
2016-08-09 08:24:01 UTC
Permalink
As computers love numbers, I expect that won't change anything if you are
using system ACLs: ACLs on disk should be set using number (UID/GID) rather
than names.
If you are using Samba only ACLs (with "acl_xattr:ignore system acls = yes"
in smb.conf) I have no idea.

Anyway testing should not take much time, perhaps less than time needed to
answer you...
Post by Coert
Hello all!
I have a samba server as a member of a domain with trust relationships to
two other domains.
winbind use default domain = yes
winbind separator = +
so the domain samba is member of does not use the seperator, but the other
2 domains do.
If I change this to winbind use default domain = no ,will I have to update
all the ACLs on the filesystem to include DOMAIN+username instead of just
username?
Kind regards,
Coert
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Loading...