[Samba] Unable to create folders

Errol Neal eneal at dfi-intl.com
Sat Dec 10 23:07:08 GMT 2005


Hi. I'd like some help trying to troubleshoot a permissions issue on my
system if you folks don't mind. I'm sure it's just a small thing - but
another pair of eyes may help me locate the issue.

My platform is Solaris 10 running on a Sun Fire V440. I'm running Samba
3.0.21RC2 compiled with Sun Studio 11. Here is how it is configured..

 --prefix=/usr/local --sysconfdir=/etc --localstatedir=/var
--with-krb5=/opt/csw --with-lockdir=/var/samba/locks
--with-logfilebase=/var/samba/log --with-piddir=/var/run
--with-configdir=/etc/samba --with-privatedir=/etc/samba --with-pam
--with-acl-support

Here is my smb.conf.

# Global parameters
[global]
        workgroup = ******
        realm = *******
        password server = 172.16.101.105 172.16.3.22
        netbios name = TWAP01
        security = ADS
        encrypt passwords = true
        winbind gid = 60000-65000
        winbind uid = 60000-65000
        winbind separator = +
        template homedir = /home/%U
        template shell = /bin/sh
        winbind use default domain = yes
        log level = 2



[tmp]
        path = /tmp
        writeable = yes

[homes]
        path = /home/%U
        browseable = no
        delete readonly = yes
        writeable = yes
        admin users = @"Domain Admins", "Domain Admins"

[upload]
        path = /home/developers
        valid users = @"Domain Users"
        browseable = yes
        writeable = yes
        acl group control = yes
        inherit acls = yes
        acl compatibility = win2k
        
Here is the acls on share [upload]

# getfacl /home/developers

# file: /home/developers
# owner: root
# group: ISInfrastructure
user::rwx
group::rwx              #effective:rwx
group:ITServices:rwx            #effective:rwx
group:ISInfrastructure:rwx              #effective:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::rwx
default:group:ITServices:rwx
default:group:ISInfrastructure:rwx
default:mask:rwx
default:other:r-x

I am a member of the group ISInfrastructure:

# getent group | grep ISInfrastructure
ISInfrastructure:x:60006:eneal,jsnipper

Yet I cannot create any new folders over cifs. However if I log into the
system via ssh using my AD credentials, I am able to create files and
folders and manipulate them locally which shows at least my ACLs are in
order and winbind is doing it's thing properly. Can someone find
anything in my setup which would prevent me from creating new
files/folders over the network?

Also yes - I know I am working with a release canidate, but Windows acls
were not working in .20 and I saw they were fixed in this release. 

Thanks in advance!!

Errol Neal



More information about the samba mailing list