From 19bee8929b13b909292e9b11cf83f161c0777f63 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Thu, 31 Mar 2005 17:40:58 +0000 Subject: Fix missing LDAP server password problem. (This used to be commit 3b9c5d02c982c55583a6b95e9b7e42810a85d915) --- docs/Samba-HOWTO-Collection/AccessControls.xml | 23 ++++++++++++++++++++++- docs/Samba-HOWTO-Collection/IDMAP.xml | 7 +++++++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/docs/Samba-HOWTO-Collection/AccessControls.xml b/docs/Samba-HOWTO-Collection/AccessControls.xml index db4547f25d..251cc32fcc 100644 --- a/docs/Samba-HOWTO-Collection/AccessControls.xml +++ b/docs/Samba-HOWTO-Collection/AccessControls.xml @@ -1279,6 +1279,8 @@ default:other:--- <-- inherited permissions for everyone (other) Microsoft Windows NT4/200X ACLs must of necessity be mapped to POSIX ACLs. The mappings for file permissions are shown in . + The '#' character means this flag is set only when the Windows administrator + sets the Full Control flag on the file. How Windows File ACLs Map to UNIX POSIX File ACLs @@ -1287,7 +1289,7 @@ default:other:--- <-- inherited permissions for everyone (other) - Windows ACE + Windows ACE File Attribute Flag @@ -1358,6 +1360,19 @@ default:other:--- <-- inherited permissions for everyone (other) that is intended by the Administrator. + + In general the mapping of UNIX POSIX user/group/other permissions will be mapped to + Windows ALCs. This has precidence over the creation of POSIX ACLs. POSIX ACLs are necessary + to establish access controls for users and groups other than the user and group that + own the file or directory. + + + + The UNIX administrator can set any directory permission from within the UNIX environment. + The Windows administrator is more restricted in that it is not possible from within the + Windows Explorer to remove read permission for the file owner. + + @@ -1369,6 +1384,12 @@ default:other:--- <-- inherited permissions for everyone (other) an Access Control List (ACL), are mapped to Windows directory ACLs. + + Directory permissions function in much the same way as shown for file permissions, but + there are some notable exceptions and a few peculiarities that the astute administrator + will want to take into account in the setting up of directory permissions. + + diff --git a/docs/Samba-HOWTO-Collection/IDMAP.xml b/docs/Samba-HOWTO-Collection/IDMAP.xml index 33d8b899a1..0ea50280a7 100644 --- a/docs/Samba-HOWTO-Collection/IDMAP.xml +++ b/docs/Samba-HOWTO-Collection/IDMAP.xml @@ -867,6 +867,13 @@ Joined 'GOODELF' to realm 'SNOWSHOW.COM' + + Store the LDAP server access password in the Samba secrets.tdb file as follows: + +&rootprompt; smbpasswd -w not24get + + + Start the nmbd, winbind, and smbd daemons in the order shown. -- cgit