Quote:
Originally Posted by eoncho
|
I have not been "deep into Windows" like this for several years, so I really don't feel qualified to say. But it superficially
appears that Samba knows enough of the protocol to get the job done.
However, my original thought was that you would store the assets somewhere on the network under "real Microsoft" hardware – so that you know that it's their software that's protecting it. Then, you access those protected resources through Samba.
One thing to consider about this is, "what is the underlying filesystem here?" If Samba is storing the resources, the underlying filesystem is Linux. Now, Linux has an ACL implementation of its own – but it's somewhat different from Windows' model so there is "mapping" from one to the other. (And, unless you are authenticating all of your Linux users through the Microsoft-managed LDAP/OpenDirectory that is used on the Windows side, there could be identity/authorization hiccups, too.
Perhaps you don't want that. If the resources are truly sensitive, maybe you want to store them where Microsoft's ACLs are known to apply
natively. They know how to write a good, high-performance file server.
At the end of the day, you simply want secure storage for your assets in a way that you (and everyone else at your company) can easily understand and manage.
I'm being vague because my understanding of the situation on the Microsoft side is imperfect.