[Samba] Samba Permissions Problem

Dale Schroeder dale at BriannasSaladDressing.com
Fri Jan 22 12:32:22 MST 2010 

On 01/21/2010 3:08 PM, Robert Steinmetz AIA wrote:
> I need help understanding what is happening and trouble shooting.
>
> I have two servers running Samba 2.3.3, one as a Domain Controller one 
> as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd and 
> winbindd using the tdb back end are running on both.
>
> I have two shares on the member server and as far as I can tell they 
> are identical. [Projects] works as expected but [Windows] always asks 
> for a login name even though the smb.conf entries for both are are the 
> same. If I comment out the "force group" in [Windows] users can access 
> the share but there are errors writing and creating files. If I create 
> a new share it acts as the [Windows] share.
>
> Here are the share definitions and a list of the files in the directory;
>
> [Projects]
>        Comment = Project Files
>        path = /files/Lucretia/Projects
>        writeable = yes
>        browseable = yes
>        create mask = 0764
>        directory mask = 0775
>        force group = "ATLANTA\domain users"
>
> [Windows]
>        comment = Atlanta Windows Files
>        path = /files/Lucretia/Windows
>        browseable = yes
>        writeable = yes
>        create mask = 0764
>        directory mask = 0775
>        force group = "ATLANTA\domain users"
>
>
> root at louise:/files/Lucretia# ls -l
> total 66
> drwxrwsr-x   2 root          10001    48 2008-07-17 03:17 Arris
> -rw-r-Sr--   1 root          10001  5952 2008-07-17 04:25 list
> drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
> drwxrwsr-x  67 rob           10001 14456 1969-12-31 19:00 Office.orig
> drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
> drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
> drwxrwsr-x   6 rob           10001   304 2008-07-17 02:50 Sigma.old
> drwxrwsr-x 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows
>
> Testparm shows no problems although it does rearrange the share 
> definitions somewhat.
>
> The problem must be in windows permissions but I don't know how to 
> check them, especially since I have only ssh access because the site 
> is remote. I have to rely on local users for testing.
>
> How can I get a list of ATLANTA\domain admin group users?
>
> How can I change the permissions?

Any possibility of acl's, especially default acl's?

getfacl /files/Lucretia/Projects
getfacl /files/Lucretia/Windows

More information about the samba mailing list