Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 6 Aug 2007 17:10:34 +0800
From:      "Wilkinson, Alex" <alex.wilkinson@dsto.defence.gov.au>
To:        questions@freebsd.org
Subject:   setfacl(1) - Can FreeBSD's ACLs contain groups from NT/AD domains ?
Message-ID:  <20070806091033.GA57676@obelix.dsto.defence.gov.au>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi all,

I have "FreeBSD 7.0-CURRENT #1: Wed Jul 25" authenticating successfully against
active directory via samba's winbindd(8). I need to manage samba shares via
FreeBSD ACLs and CIFS ACLs. From my reading of setfacl(1) I should be able to
set group permissions using the syntax of DOMAIN\group-name. For example:

   #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test

However, when I do this on FreeBSD -CURRENT I get the following error:

   #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test
    setfacl: g:MYDOMAIN\mygroupname: Invalid argument

>From a quick Google it looks like Linux ACLs can do the aforementioned
[http://www.techtutorials.net/blogs/index.php?mode=viewuser&user_id=7].

Does anyone know ?

 -aW

IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914.  If you have received this email in error, you are requested to contact the sender and delete the email.





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20070806091033.GA57676>