[Samba] Samba and Windows ACL Issue

Pierre Dehaen pi at drever.be
Wed Jul 27 10:09:14 GMT 2005 

On 3 Jun 2005 at 10:19, Ross McInnes wrote:

> Heh. Well I see the Administrator and Domain Admins and Everyone bits
> 
> Nothing about adding the user ross to it. Also when I try and add another
> person, it still comes up access denied :/

Hi Ross, Tony and others,

I come back on this to see if you found a way to add on a file specific 
permissions for an additional user. I still can't from W2K/XP but well from 
WNT.

At the beginning (years ago on Samba <= 2.2.5) it worked with W2K too but, 
probably (?) since a SP or patch was applied, it stopped working. An upgrade 
to Samba 3.0.10 (compiled by sunfreeware.com) did not help. I patched (see 
<http://lists.samba.org/archive/samba/2005-April/104062.html>) and 
compiled 3.0.14a myself and it still doesn't work. There is no obvious error 
message in the log, I've read documents for days, tried so many options... 
I'm really lost now.

Using smbcacls (samba 2.2.12 from another host or 3.0.14a from the 
localhost) I can view the permissions on a file, and I can add a user with 
permissions to the list, the ACLs get updated.

>From a W2K or WNT, using cacls I can display the permissions, although I 
do not see the user names but rather <Account Domain not found>. Updating 
the permissions does not work:
   <C:\ cacls file /G username:R
   No mapping between account names and security IDs was done.

>From the explorer of Windows (and additional setup info) see my previous 
message: <http://lists.samba.org/archive/samba/2005-June/107543.html>  

Note that from the explorer of W2K/XP I can change *existing* permissions 
of users but I cannot add a user to the list. So my only last (weird) possibility 
is to setup default ACLs on directories for all possible users and to add 
missing users to existing files with setfacl !!!

Thanks
Pierre

> Cheers
> 
> Ross 
> 
> -----Original Message-----
> From: Tony Earnshaw [mailto:tonye at billy.demon.nl] 
> Sent: 02 June 2005 16:02
> To: Ross McInnes
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Samba and Windows ACL Issue
> 
> tor, 02.06.2005 kl. 15.46 skrev Ross McInnes:
> 
> > Ah... I can use setfacl
> > 
> > setfacl -m user:ross:rwx crap
> >  
> > Getfacl shows that ross has rwx perms too.
> > 
> > However, its not reported back into windows, i.e security permissions 
> > for the file crap still shows administrator/domain admins  :/  also 
> > when I try and add another user, still nothing. But progress!
> 
> Ok. Now for the last attempt:
> 
> right click on file crap, security tab, advanced button, try it from one of
> the tabs there (I've fscked my only Win XP Pro test m/c here, so can't try
> it for you).
> 
> --Tonni
> 
> --
> mail: tonye at billy.demon.nl
> http://www.billy.demon.nl
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> 
>

More information about the samba mailing list