Problem when Administrator creating files (samba4.0.4)

Sun Dec 6 18:34:11 UTC 2015

just for the records: i've come across this problem too. but actually, it is
not an issue of samba, but rather of windows. so a security setting of
windows determines if objects (files and folders) created by an administator
(thus a user in an administrator security group, e.g. "Domain Admins") is
created with the user or the group as it's owner.

Dilbert wrote
> The 
*
> group policy
*
>  under Server 2003 which controls this behavior is under 
*
> security settings
*
>  > 
*
> local policies
*
>  > 
*
> security options
*
> : "
*
> System object Default owner for objects created by members of the
> Administrators group
*
> ". The options are "
*
> object creator
*
> " or "
*
> administrators group
*
> ". 

source:  http://arstechnica.com/civis/viewtopic.php?f=17&t=52110
<http://arstechnica.com/civis/viewtopic.php?f=17&t=52110>   (emphasis added)

for later OS see MS KB:  A Group Policy setting is not available in the
security policy settings list on a computer that is running Windows Server
2008 <https://support.microsoft.com/en-us/kb/947721>  

martin.

8hatchery wrote
> 
> 8hatchery wrote
>> I shared a folder on samba 4.0.4 AD DC server, just a simple home server.
>> Everything seems ok, acl is working fine.
>> 
>> The problem I encounter is that when I create a file or directory in the
>> shared folder with Administrator from windows client, then I go back to
>> server to check the file. And I will see owner of that file or directory
>> is always 3000000(no name), not Administrator or root. The group owner is
>> users (this seems correct). Looks like this,
>> 
>> total 3
>> drwxrwxr-x+ 2 3000000 users  4096 Mar 23 18:17 CreatedByAdministrator
>> drwxrwxr-x+ 2 sam       family  4096 Mar 23 18:29 CreatedByDomainUser
>> drwxrwxr-x+ 2 sam       family  4096 Mar 23 18:18 createdByLinuxUser
>> 
>> 
>> And when I check the uid 3000000 with wbinfo, it says no such uid.
>> 
>> Why isn't owner of the file Administrator or root, since administrator is
>> mapped to root on server side? 
>> 
>> I followed the the samba4/winbind guide from 
>> here <https://wiki.samba.org/index.php/Samba4/Winbind>  
>> 
*
>> Edit:
*
>>  Some other normal domain users are mapped correctly to corresponding
>> local linux users, and there is no such problem for these normal users,
>> it seems to be just for domain admins.
> No one? Is my question too naive, not in the right section or something?
> Please some one responds me, even just a criticize, then I know I need to
> read and learn more before asking questions.
> 
> 
> Add to the problem:
> if I join sam to "Domain Admins" group, then the files sam created will
> also be owned by 3000000. Once I remove sam from "Domain Admins" group,
> the file he created will be owned by sam. Since I want sam to be an admin,
> I really want to make this work.

--
View this message in context: http://samba.2283325.n4.nabble.com/Problem-when-Administrator-creating-files-samba4-0-4-tp4645819p4695467.html
Sent from the Samba - samba-technical mailing list archive at Nabble.com.