[Samba] NT ACL Problem in SAMBA File Server UNDER WINNT PDC DOMAIN

Fahriar Ahmed fahriar at grameenphone.com
Mon Apr 1 01:04:12 GMT 2002


I have configure my Samba as a File Server member of Winnt Domain.
My target is to  give permission from WINNT on that Linux samba file server,
but it is not allowed to give permission.

I am using Samba Version 2.2.3a on Red Hat 7.2.
I have configured samba from binary with -winbindd and with nt acl support =
If I give the command wbinfo -u / wbinfo -g then it shows all user name of
NT domain.
If I connect from my winnt machine to Samba File server it show the
permission and also show me the NT domain users name but not allow me to
modify/add  the permission in any folders though I am connect as a admin of
NT. I got the following error
Unable to save permission changes on test on Printserver : Access Denied
And I got the error in log.fahriar_laptop as follows

[2002/04/01 09:02:42, 0] lib/username,c: user_in_winbind_group_list(356)
user_in_winbind_group list: winbind_lookup_name for group ntadmin failed
[2002/04/01 09:02:42, 0] smbd/service,c: make_connection(248) fahriar_laptop
( couldn't find service tes

But I able to create folders from winnt machine on the test folders . then
it set the permission as
Drwxrwxr-x  3 DHKDOMAI   DHKDOMAI   4096 ....   Hello

Waiting for your kind and quick response.

Here is my smb.conf configuration

# This is the main Samba configuration file. You should read the

#======================= Global Settings

   workgroup = DHKDOMAIN
   server string = Samba Server
   printer admin = @ntadmin
    hosts allow =
   printcap name = /etc/printcap
   load printers = yes

   log file = /usr/local/samba/var/log.%m

   security = domain
    password server = DHKGPPDC PADMA KOROTOA
   encrypt passwords = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

   local master = no
   domain master = no
   preferred master = no
   domain logons = no

   winbind separator = +
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   winbind enum users = yes
   winbind enum groups = yes
   template homedir = /home/winnt/%D/%U
   template shell = /bin/bash

    name resolve order = lmhosts, bcast, wins

;   wins support = yes
    wins server =
;   wins proxy = yes

#============================ Share Definitions

	path = /var/test/share
	comment = Test Purpose
	public = yes
	writable = yes
	create mask = 0777
	security mask = 0777
	force security mode =0
	directory security mask = 0777
	force directory security mode = 0
        write list = @ntadmin, root , admin at DHKDOMAIN
;	nt acl support = yes

Keep Smile (-:


Fahriar Ahmed
Deputy Manager
Network Administration, Information Technology
GrameenPhone Ltd.
Phone: +88 02 988 29 90
Fax:   +88 02 988 29 70
Web: http://www.grameenphone.com

More information about the samba mailing list