[Samba] Question - Does Samba Recognize non-Primary Group
Memberships?
Errol Neal
eneal at dfi-intl.com
Sun Dec 11 16:38:28 GMT 2005
I thought this was true, but In troubleshooting a permissions related
issue, I see evidence that it is not.
In my previous post, I was asking for assistance in trying to figure out
why I was unable to create files/folders over the network, but could so
so locally. My Active Directory account is a member of group that have
full control of a particular folder according to getfacl. I added that
folder as a share via samba and I was unable to create any files and
folder.
[2005/12/11 11:16:43, 1] smbd/service.c:(666)
bus-eneal2 (172.16.100.5) connect to service upload initially as user
DFIINT+eneal (uid=60000, gid=60000) (pid 900)
[2005/12/11 11:16:48, 2] smbd/open.c:(1892)
open_directory: unable to create New Folder. Error was Permission
denied
[2005/12/11 11:16:48, 2] smbd/open.c:(1892)
open_directory: unable to create New Folder. Error was Permission
denied
[2005/12/11 11:16:48, 2] smbd/open.c:(1892)
open_directory: unable to create New Folder (2). Error was Permission
denied
[2005/12/11 11:16:48, 2] smbd/open.c:(1892)
open_directory: unable to create New Folder (2). Error was Permission
denied
[upload]
path = /home/developers/
#valid users = @"Domain Users"
browseable = yes
writeable = yes
acl group control = yes
#inherit acls = yes
#acl compatibility = win2k
#admin users = @"Domain Admins", "Domain Admins", @itservices
The acls on the folder were set to allow the groups ITServices and
ISInfrastructure to rwx. I am a member of the ISInfrastructure group,
however my primary group is Domain Admins. I added Domain Admins to have
rwx using the setfacl facility and I was able to create a folder over
the network. Is there a way to get Samba to honour my secondary groups?
Thanks in advance for any replys.
Errol Neal
More information about the samba
mailing list