HPE Community
Operating System - Linux
1752587 Members
4782 Online
108788 Solutions
New Discussion юеВ

Re: setting acl on AD users

 
Maaz
Valued Contributor

тАО09-09-2008 12:25 AM

тАО09-09-2008 12:25 AM

setting acl on AD users

I have a samba server(as a MS Windows AD member server).
can I grant/set permissions on users/group of AD on shared folders stored on samba server.

in other words, on a samba server that has joined AD domain, I want to assign permissions on users of AD on directories on samba server.

Regards
Maaz
0 Kudos
Reply
8 REPLIES 8
Court Campbell
Honored Contributor

тАО09-10-2008 08:09 AM

тАО09-10-2008 08:09 AM

Re: setting acl on AD users

Yes you can.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
0 Kudos
Reply
Maaz
Valued Contributor

тАО09-10-2008 06:34 PM

тАО09-10-2008 06:34 PM

Re: setting acl on AD users

Hi Court Campbell
>Yes you can.
:), thanks but if you can also please guide how to do this ?
any url/doc/tutorial ?

Regards
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

тАО09-11-2008 05:59 AM

тАО09-11-2008 05:59 AM

Re: setting acl on AD users

To be able to set permissions to files and folders, you must map the UID/GID to Windows SIDS. For this job, probably, winbind is the way to go.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Court Campbell
Honored Contributor

тАО09-11-2008 06:02 AM

тАО09-11-2008 06:02 AM

Re: setting acl on AD users

Well, I assume that you are using winbind. If so and all is working, you just use the chown or chgrp commands. I just assume you are already familiar with those commands.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
0 Kudos
Reply
Maaz
Valued Contributor

тАО09-11-2008 07:07 PM

тАО09-11-2008 07:07 PM

Re: setting acl on AD users

Hi Ivan Ferreira and Court Campbell, thanks for help.
I dont know about winbind, because this SAMBA server is SLES 10, SLES 10 can join AD Domain, using 3 or 4 mouse clicks, very smoothly and without any issue.

Anyhow I'll check it

Thanks
0 Kudos
Reply
Gokul Chandola
Trusted Contributor

тАО09-12-2008 07:55 PM

тАО09-12-2008 07:55 PM

Re: setting acl on AD users

Hi,
You can do this.
You have to define AD users in Samba Server for desired directories also.

Regards,
Gokul Chandola
There is always some scope for improvment.
0 Kudos
Reply
Maaz
Valued Contributor

тАО09-12-2008 08:25 PM

тАО09-12-2008 08:25 PM

Re: setting acl on AD users

Hi thanks Gokul Chandola
>You have to define AD users in Samba Server for desired directories also.

say I have a user maaz in MS AD Domain, then what to do in smb.conf ? please share.

cat /etc/samba/smb.conf
[data]
path = /data
read only = No

I want to set permission for maaz(domain user), and to all those users that are member of "grad1" group of MS AD domain on /data directroy


0 Kudos
Reply
Ivan Ferreira
Honored Contributor

тАО09-16-2008 07:37 AM

тАО09-16-2008 07:37 AM

Re: setting acl on AD users

It depends of the "security = " samba setting. Check the Samba 3 Howto for detailed information about this setting or smb.conf.

Then you will have:

cat /etc/samba/smb.conf
[data]
path = /data
read only = No
valid users = maaz @grad1

Considering that grad1 is a Unix/LDAP group.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.