From owner-freebsd-questions@FreeBSD.ORG Mon Aug 6 09:25:14 2007 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AE88316A418 for ; Mon, 6 Aug 2007 09:25:14 +0000 (UTC) (envelope-from wilkinsa@obelix.dsto.defence.gov.au) Received: from digger1.defence.gov.au (digger1.defence.gov.au [203.5.217.4]) by mx1.freebsd.org (Postfix) with ESMTP id 32C2813C47E for ; Mon, 6 Aug 2007 09:25:14 +0000 (UTC) (envelope-from wilkinsa@obelix.dsto.defence.gov.au) Received: from ednmsw510.dsto.defence.gov.au (ednmsw510.dsto.defence.gov.au [131.185.68.11]) by digger1.defence.gov.au (8.13.8/8.13.8) with ESMTP id l7690RAV021428 for ; Mon, 6 Aug 2007 18:30:27 +0930 (CST) Received: from ednex510.dsto.defence.gov.au (ednex510.dsto.defence.gov.au) by ednmsw510.dsto.defence.gov.au (Clearswift SMTPRS 5.2.9) with ESMTP id for ; Mon, 6 Aug 2007 18:41:10 +0930 Received: from obelix.dsto.defence.gov.au ([203.6.60.208]) by ednex510.dsto.defence.gov.au with Microsoft SMTPSVC(6.0.3790.1830); Mon, 6 Aug 2007 18:41:10 +0930 Received: from obelix.dsto.defence.gov.au (localhost [127.0.0.1]) by obelix.dsto.defence.gov.au (8.14.1/8.14.1) with ESMTP id l769AYlF063075 for ; Mon, 6 Aug 2007 17:10:34 +0800 (WST) (envelope-from wilkinsa@obelix.dsto.defence.gov.au) Received: (from wilkinsa@localhost) by obelix.dsto.defence.gov.au (8.14.1/8.14.1/Submit) id l769AYWO063074 for questions@freebsd.org; Mon, 6 Aug 2007 17:10:34 +0800 (WST) (envelope-from wilkinsa) Date: Mon, 6 Aug 2007 17:10:34 +0800 From: "Wilkinson, Alex" To: questions@freebsd.org Message-ID: <20070806091033.GA57676@obelix.dsto.defence.gov.au> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline Organisation: Defence Science Technology Organisation User-Agent: Mutt/1.5.16 (2007-06-09) X-OriginalArrivalTime: 06 Aug 2007 09:11:10.0347 (UTC) FILETIME=[BACA3DB0:01C7D809] X-TM-AS-Product-Ver: SMEX-7.0.0.1526-5.0.1021-15340.001 X-TM-AS-Result: No-1.061900-0.000000-31 Content-Transfer-Encoding: 7bit Cc: Subject: setfacl(1) - Can FreeBSD's ACLs contain groups from NT/AD domains ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Aug 2007 09:25:14 -0000 Hi all, I have "FreeBSD 7.0-CURRENT #1: Wed Jul 25" authenticating successfully against active directory via samba's winbindd(8). I need to manage samba shares via FreeBSD ACLs and CIFS ACLs. From my reading of setfacl(1) I should be able to set group permissions using the syntax of DOMAIN\group-name. For example: #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test However, when I do this on FreeBSD -CURRENT I get the following error: #setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test setfacl: g:MYDOMAIN\mygroupname: Invalid argument >From a quick Google it looks like Linux ACLs can do the aforementioned [http://www.techtutorials.net/blogs/index.php?mode=viewuser&user_id=7]. Does anyone know ? -aW IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email.