[Samba] force group does not work

steve steve at steve-ss.com
Sat Feb 8 11:43:27 MST 2014 

On Sat, 2014-02-08 at 10:35 +0100, Leander S. wrote:
> Hi
> 
> I set up a samba 4.1.4 server on the latest FreeBSD RELEASE 10. 
> Unfortunately it doesn't seem to consider the option force group. After 
> hours ofresearch I couldn't figure out what I'm still missing. unix 
> extensions is set to no. Setting the debug level up to 10 also didn't 
> help ;(
> Is this a bug or is there simply a mistake in my setup?
> 
> When
> *valid users = @Groupname*
> is set, then I don't have access to the share at all anymore.
> 
> As funny as it sounds, but
> *force user* **= *MyUsername*
> is working as expected.
> 
> 
> id -Gn MyUsername
> MyUsername Groupname
> 
> getent group Groupname
> Groupname:*:2004:MyUsername,Groupname
> 
> 
> # ============= Global ============= #
> 
>      [global]
> 
>       # Basic server settings
>       workgroup          = DOMAIN
>       realm              = DOMAIN.LOCAL
>       netbios name       = FILESERVER
>       server role        = standalone server
> 
>       # Password backend
>       passdb backend     = samba_dsdb
> 
>       # DNS
>       dns forwarder      = 10.0.0.1
> 
>       # Logging
>       log level = 2
>       max log size = 5000
> 
>       # Charset
>       unix charset       = UTF-8
>       dos charset        = cp1252
> 
>       # NTLMv2 aktivieren
>       ntlm auth          = No
>       lanman auth        = No
>       client ntlmv2 auth = Yes
> 
>       # Printing
>       load printers = No
>       printing      = BSD
>       printcap name = /dev/null
> 
>       # Default masks
>       unix extensions      = No
lose these for now:
>       create mask          = 0770
>       force create mode    = 0770
>       directory mask       = 0770
>       force directory mode = 0770
> 

>       # Miscellaneous
>       veto oplock files  = /*.doc/*.xls/*.ppt/*.mdb/*.docx/*.xlsx/*.ppt
> 
> 
> # ============= Shares ============= #
> 
>      [MyShare]
>       comment     = NAS
>       path        = /mnt/MyShare
>       guest ok    = No
>       read only   = No
>       valid users = @Groupname
>       forece user = MyUsername
>       force group = Groupname
> 
> 
> 
> 
> 
> 
> 
> Any help would be greatly appreciated ;)
> 
> Best Regards
> L.
> 
> 

change this:
force user = MyUsername
and go for something like:
chgrp Groupname /mnt/MyShare
chmod g +s /mnt/MyShare
maybe?
Steve

More information about the samba mailing list