[Samba] Domain member ACL does not show correct domain name

Evan Rempel erempel at uvic.ca
Thu Nov 4 23:02:32 GMT 2004

I have a Samba 3.0.7 server running as a domain member, with ACL support 
enabled. When using a windows client to look at the security of a file, 
all of the permissions show the the samba server as the domain, not the 
actual domain name.


My Samba server is called CASE.
My domain is called CASEDOM

When I look at the permissions of a file, they show

CASE\erempel	full
CASE\erempel	read+execute
everyone	none

if I try to add another permission for the user

as soon as I click on the apply button, the permission dissapears.
I can only add permissions for CASE\bill

This is not the way I think it should work, and it is not the way it works 
on a windows server.

Any suggestions as to what I am missing?

Just for completeness, I am running on both Redhat Advance Server 3 
and on AIX 5.2 and both have the same symptoms. Here is the smb.conf file.

# Samba config file created using SWAT
# from (
# Date: 2004/11/04 14:33:57

# Global parameters
         workgroup = CASEDOM
         server string = testing
         security = DOMAIN
         update encrypted = Yes
         password server = ntsrvr1 ntsrvr2
         guest account = guest
         client NTLMv2 auth = Yes
         client lanman auth = No
         client plaintext auth = No
         syslog = 2
         log file = /usr/local/samba/var/log.%m
         debug pid = Yes
         debug uid = Yes
         deadtime = 600
         max smbd processes = 500
         socket options = TCP_NODELAY SO_KEEPALIVE
         load printers = No
         os level = 1
         ldap ssl = no
         invalid users = root, bin, sys
         create mask = 0700
         directory mask = 0700
         force unknown acl user = Yes
         map acl inherit = Yes
         veto files = /.cshrc/.login/.logout/.profile/.mailboxlist/
         map archive = No
         mangled names = No
         wide links = No

         comment = Home Accounts
         path = /home
         read only = No

Evan Rempel				erempel at uvic.ca
Senior Programmer Analyst		250.721.7691
Computing Services
University of Victoria

More information about the samba mailing list