[Samba] Re: Admins cannot change folder ownership
m.klimke at tu-harburg.de
Fri Apr 30 13:27:55 GMT 2004
ww m-pubsyssamba wrote:
> Hi All,
> how can I allow an administrator to have permission to change folder ownership from windows explorer?
> The Samba server is an AD domain member server and I'm using group mapping not winbind for users and groups in Samba, I've
> tried mapping both the Administrators and Domain Admins groups to UNIX groups of which my test user is a member of but I always
> get a permission denied error when attempting to change the ownership of a folder. Anyone like to explain this to me?
> thanks in advance, cheers Andy.
I can't give you a total solution solving your (our, you are definitly
not alone with this) problem. This problem is a mapping conflict. If you
try to change the permissions on windows side, you will see in the samba
log, that it can't map the SID under windows to a UID under unix. This
will take, I think, a deeper look into the ACL's. I think, that we have
to use winbind at all, because it makes the SID->UID mapping. Using
group mapping is recommended, I think, but you have to consider the
rid's. If you make a usual mapping to the "Domain Users" group without
defining the rid, the last part of the SID will be generated
automatically (algorithm mapping, or so).
No solution, but maybe a hint. If you solve it, please post.
More information about the samba