[Samba] Unable to create folders

Errol Neal eneal at dfi-intl.com
Sat Dec 10 23:07:08 GMT 2005

Hi. I'd like some help trying to troubleshoot a permissions issue on my
system if you folks don't mind. I'm sure it's just a small thing - but
another pair of eyes may help me locate the issue.

My platform is Solaris 10 running on a Sun Fire V440. I'm running Samba
3.0.21RC2 compiled with Sun Studio 11. Here is how it is configured..

 --prefix=/usr/local --sysconfdir=/etc --localstatedir=/var
--with-krb5=/opt/csw --with-lockdir=/var/samba/locks
--with-logfilebase=/var/samba/log --with-piddir=/var/run
--with-configdir=/etc/samba --with-privatedir=/etc/samba --with-pam

Here is my smb.conf.

# Global parameters
        workgroup = ******
        realm = *******
        password server =
        netbios name = TWAP01
        security = ADS
        encrypt passwords = true
        winbind gid = 60000-65000
        winbind uid = 60000-65000
        winbind separator = +
        template homedir = /home/%U
        template shell = /bin/sh
        winbind use default domain = yes
        log level = 2

        path = /tmp
        writeable = yes

        path = /home/%U
        browseable = no
        delete readonly = yes
        writeable = yes
        admin users = @"Domain Admins", "Domain Admins"

        path = /home/developers
        valid users = @"Domain Users"
        browseable = yes
        writeable = yes
        acl group control = yes
        inherit acls = yes
        acl compatibility = win2k
Here is the acls on share [upload]

# getfacl /home/developers

# file: /home/developers
# owner: root
# group: ISInfrastructure
group::rwx              #effective:rwx
group:ITServices:rwx            #effective:rwx
group:ISInfrastructure:rwx              #effective:rwx

I am a member of the group ISInfrastructure:

# getent group | grep ISInfrastructure

Yet I cannot create any new folders over cifs. However if I log into the
system via ssh using my AD credentials, I am able to create files and
folders and manipulate them locally which shows at least my ACLs are in
order and winbind is doing it's thing properly. Can someone find
anything in my setup which would prevent me from creating new
files/folders over the network?

Also yes - I know I am working with a release canidate, but Windows acls
were not working in .20 and I saw they were fixed in this release. 

Thanks in advance!!

Errol Neal

More information about the samba mailing list