[Samba] Can't get permission on a share to work problem with groups
Rowland Penny
rowlandpenny at googlemail.com
Sun Feb 9 03:19:33 MST 2014
On 24/01/14 21:05, Horace wrote:
> Hello,
>
> 1. I have created a directory /srv/samba4/Public Applications.
> 2. I created a group 'Domain Admins' with gid 1003
When you say that you created a group called 'Domain Admins', just how
did you create it? or do you mean that you added the gidNumber '1003' to
the already existing group in AD?
Rowland
> 3. I setfacl -m group:1003:rwx on Public Applications
> 4. I created a share
> [Public Applications]
> read list = @ACCOUNTSAD\"Domain Users"
> write list = @"Domain Admins"
> comment = Public Applications
> path = /srv/samba4/Public Applications
> #admin users = @"Domain Admins"
> 5. wbinfo --group-info 'Domain Admins'
> ACCOUNTSAD\Domain Admins:*:1003:
>
> Debug level
> # Debug logging information
> #log level = 10
> log level = 3
> #log file = /var/log/samba.log.%m
> #max log size = 50
> debug timestamp = yes
> syslog only = yes
>
>
> As anyone can see, I like Domain Admins read write access and Domain
> Users read access only. For whatever reason, when I access the share
> \\PDC-S2\Public Applications and try to create a folder, I get
> Permission denied.
>
> I have tailed both syslog's and log.smbd and there is NO relevant
> information regarding why this is failing.
>
> Am I doing something wrong here ?
More information about the samba
mailing list