[Samba] Access denied msg when using M$ MMC under W2k or XP on ACL
compiled Samba and 2.4.20 Kernel with Acl on ext2 and ext3
incynr8
incynr8 at lawngnome.org
Wed Oct 22 15:10:53 GMT 2003
Hello,
I am currently struggling with the final step (so it seems) in using a RH9
box with standardized kernel build 2.4.20, with enabled acl, and Samba 3
built with ACL enabled as well. I am able to join the domian with net ADS
join -U USERNAME, and use wbinfo and getent, showing the users and groups
from the domain.
However, I am incappable of setting the permissions so DOMAIN+USER can use
the samba shares.
Example...I can chown DOMAIN+BOB DIRECTORY, that is samba share, but he
cannot write to it.
More importantly, I cannot determine a way to manage the permissions through
the MMC, so that the DOMAIN users can access/write, etc the shares.
Included is a copy of my smb.conf file.
I have nt acl support set in a couple places in an attempt to see what
works, but I get the EVERYONE full control option as descriped as if the
seeting is off, yet noone does seem to have write access to bob2 share for
instance.
I'm not certain if my problem is pam related, passwddb backed related, or
filesystem/permissions related.
Thank you,
AL
# Samba config file created using SWAT
# from
# Date: 2003/10/20 17:24:03
# Global parameters
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
netbios name = FILES
server string =
security = ADS
auth methods = winbind
obey pam restrictions = Yes
password server = WIN2KPDCIPADDRESS
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
printing = cups
nt acl support = yes
[test]
comment = test-writeable
path = /home/samba/test
read only = No
[all]
comment = All-writeable
path = /home/samba/all
write list = guest
read only = No
guest ok = Yes
[bob2]
nt acl support = yes
path = /home/DOMAIN/bob
admin users = DOMAIN/root, DOMAIN/administrator, DOMAIN/bob
read list = bob
More information about the samba
mailing list