Gomez, Daniel wrote:
Does anyone know if one can use LDAP groups to assign file system ACLs
when Samba is used with an ldap back-end for user accounts?
As you know LDAP is just a backend directory and could be replaced with winbindd lookups to a Windows domain or local files. So yes, you can use a group (and user) to perform ACL permissions independent of the fact that you may be using LDAP.
The real question is does your compilation of the samba suite and filesystem support ACLs and finally for the scope of ACL you intend to support?
I wager that all suse provided samba instances have ACL support built in. I know 10.2beta1 does:
Suse102beta1:~ # smbd -b | grep ACL HAVE_SYS_ACL_H HAVE_POSIX_ACLS Suse102beta1:~ #
You will likely find the default ACL settings to work just fine if you are mixing windows and unix access to say a typical linux filesystem (ext3). But if you have more advance requirements for the scope of ACL support read this to get an idea of what it possible beyond a default smb.conf: http://docs.hp.com/en/B8725-90053/ch03s06.html
Thank you very much for your response Daniel. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org