[Samba] Samba and Active Directory Permissions RESOLUTION

Simone simone72 at email.it
Sat Mar 20 12:06:49 GMT 2004

Hi everyone. I'm running into the same problem. I've set up slackware 9.1
with kernel 2.6.4 to have acl support for ext3 (tried also to work with
kernel 2.4.25 + patch acl), samba 3.0.2a. Joined the domain as a member and
followed instructions in the acl howto. Samba is working and I can set up
shares using winbind authentication, just fine. The problem is with acl if I
try to set from a win2k box. I can change permissions only on files and not
on folders, and only on the already present users (can't add or remove
anyone). I've been testing many options (security mask, directory security
mask, create mask/directory) and I have set admin users '@DOMAIN\Domain
Admins' but still no success. Here's my share conf:

path = /samba/acl   the folder is owned by user simone that is part of the
Domain Admin group
valid users = DOMAIN\simone
read only = no
browseable = yes
admin users = DOMAIN\simone
create mask = 0770
directory mask = 0770
directory security mask = 0700

What am I missing? I can get into the share and create new folders, but when
I try to change permissions I get error unable to save permissions. I've
been searching through the last  6158 messages on the list and followed
hints but unsuccessful.
Any help would be greatly appreciated since I am lost at the moment.
PS I have not created any local samba user, not even root, users are only
from domain


----- Original Message ----- 
From: "John Petro" <jxpsys at rit.edu>
To: <samba at lists.samba.org>
Sent: Friday, March 19, 2004 8:58 PM
Subject: RE: [Samba] Samba and Active Directory Permissions RESOLUTION

  Thanks for the responses.  There were two things I had to do to get
this to work.  The first thing was I had to change the readonly
attribute in the smb.conf to NO.  I also noticed that there was an error
in my /etc/fstab so that the options were not read in for some reason.
Once I fixed this and re-mounted the filesystem with the ACL option, I
was able to do what I needed to do.  Thanks again for all your


-----Original Message-----
From: samba-bounces+jxpsys=rit.edu at lists.samba.org
[mailto:samba-bounces+jxpsys=rit.edu at lists.samba.org] On Behalf Of John
Sent: Thursday, March 18, 2004 12:13 PM
To: samba at lists.samba.org
Subject: [Samba] Samba and Active Directory Permissions


  I am currently running Samba 3.0.2a on a RHEL3 server.  I would like
to use the extended file systems permissions through windows, but I
haven't had much luck.  Here is how I am set up....

My linux box is joined to my AD domain and appears to be functioning
correctly.  I also have winbind set up, and functioning, although I
still have some tweaking to do, it is assigning user and group ids as I
would expect it to.  I can create a share ok via Samba or active
directory users and computers with out a problem.  However, once I
create this share, and I mount it on a windows client, I can't do
anything as far as  setting or deligating permissions.  When I look at
the folder properties, it says the folder it owned by root on my linux
server.  It will not let me change the ownership to any other user.  I
get a error that says something to the effect that I don't have the
rights to change the permissions.

Has anyone had this issue, and do you know what I can do to get around
this.  I really don't want to go to a windows platform for my


To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.631 / Virus Database: 404 - Release Date: 18/03/2004

More information about the samba mailing list