solaris 10 -zfs - smb.conf

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

solaris 10 -zfs - smb.conf

RegioGis
This post was updated on .
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|

Re: solaris 10 -zfs - smb.conf

Gaiseric Vandal
I am making some guesses...

Read the man page on idmap_rid.   That might make the idmap stuff a
little simpler (it doesn't apply to my environment so I am not 100% sure.)

Does "wbinfo -u" and "wbinfo -g" list the AD domain users and groups?  
Does "getent passwd" and "getent group" list those users?    Do you have
/etc/nsswitch.conf configured to handle users and groups from
winbind?    The Solaris OS has so have some way of dealing with
"Windows" users.

Is your idmap backend TDB or ldap?  Do you see idmap entries in the
IDMAP DB?




On 09/27/2010 07:29 AM, RegioGis wrote:

> I'm desperately looking for an example of a working smb.conf file for solaris
> 10 using zfs ?
> I've been trying so many possible combinations of the available options, but
> I can not get it working properly.
> I want to mimic simple NT acls, including  inheritance, and the possibility
> to add AD groups.
> I often get stuck on deny aces being generated as the first aces in the acl.
> Environment : solaris 10 with zfs, AD integration via kerberos enabled,
> samba 3.0.35
>
> smb.conf   ( one of the many try-outs ... )
> ---------
>
> [global]
>          workgroup = X
>          realm = X.Y.Z
>          netbios name = GISSMBD
>          server string = GIS DEV Samba Server
>          security = ADS
>          auth methods = winbind
>          server signing = auto
>          preferred master = No
>          local master = No
>          dns proxy = No
>          ldap timeout = 86400
>          idmap uid = 10000-20000
>          idmap gid = 10000-20000
>          winbind use default domain = yes
>          ...
>
> [share1]
>          path = /path/to/share1
>          force group = gis
>          read only = no
>          create mask = 0660
>          directory mask = 0770
>          force unknown acl user = yes
>          acl check permissions = no
>          ea support = yes
>          store dos attributes = yes
>          map readonly = no
>          map archive = no
>          map system = no
>          vfs objects = zfsacl
>          nfs4: mode = special
>          nfs4: acedup = merge
>
> Thanks in advance
>    

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba