Problem when Administrator creating files (samba4.0.4)
martin.rueegg at metaworx.ch
Sun Dec 6 18:34:11 UTC 2015
just for the records: i've come across this problem too. but actually, it is
not an issue of samba, but rather of windows. so a security setting of
windows determines if objects (files and folders) created by an administator
(thus a user in an administrator security group, e.g. "Domain Admins") is
created with the user or the group as it's owner.
> group policy
> under Server 2003 which controls this behavior is under
> security settings
> local policies
> security options
> : "
> System object Default owner for objects created by members of the
> Administrators group
> ". The options are "
> object creator
> " or "
> administrators group
<http://arstechnica.com/civis/viewtopic.php?f=17&t=52110> (emphasis added)
for later OS see MS KB: A Group Policy setting is not available in the
security policy settings list on a computer that is running Windows Server
> 8hatchery wrote
>> I shared a folder on samba 4.0.4 AD DC server, just a simple home server.
>> Everything seems ok, acl is working fine.
>> The problem I encounter is that when I create a file or directory in the
>> shared folder with Administrator from windows client, then I go back to
>> server to check the file. And I will see owner of that file or directory
>> is always 3000000(no name), not Administrator or root. The group owner is
>> users (this seems correct). Looks like this,
>> total 3
>> drwxrwxr-x+ 2 3000000 users 4096 Mar 23 18:17 CreatedByAdministrator
>> drwxrwxr-x+ 2 sam family 4096 Mar 23 18:29 CreatedByDomainUser
>> drwxrwxr-x+ 2 sam family 4096 Mar 23 18:18 createdByLinuxUser
>> And when I check the uid 3000000 with wbinfo, it says no such uid.
>> Why isn't owner of the file Administrator or root, since administrator is
>> mapped to root on server side?
>> I followed the the samba4/winbind guide from
>> here <https://wiki.samba.org/index.php/Samba4/Winbind>
>> Some other normal domain users are mapped correctly to corresponding
>> local linux users, and there is no such problem for these normal users,
>> it seems to be just for domain admins.
> No one? Is my question too naive, not in the right section or something?
> Please some one responds me, even just a criticize, then I know I need to
> read and learn more before asking questions.
> Add to the problem:
> if I join sam to "Domain Admins" group, then the files sam created will
> also be owned by 3000000. Once I remove sam from "Domain Admins" group,
> the file he created will be owned by sam. Since I want sam to be an admin,
> I really want to make this work.
View this message in context: http://samba.2283325.n4.nabble.com/Problem-when-Administrator-creating-files-samba4-0-4-tp4645819p4695467.html
Sent from the Samba - samba-technical mailing list archive at Nabble.com.
More information about the samba-technical