[Samba] Samba and Windows ACL Issue
Ross McInnes
sysrm at stvincent.ac.uk
Fri May 27 13:20:40 GMT 2005
Hi all got a bit of and odd problem with ACL. Ive read up on a few bits in
the samba howto and read some threads on here about it.
Im not sure if this is a bug, something ive not done, doing wrong etc so
anyone that could shed some light on it that would be great.
Basically the windows box handles all user account processing and during
creating a script for all this it will attempt to change the permissions on
the HOME directory to the user in question
(i.e C:\>cacls Z:\Students\2005\sb05 /G sb05:F /T /E)
But I always get Access is denied. Even tho its currently owned by
administrator.
Trying the "manual" way, and the ways listed in the offical samba howto
guide produces similar results.
The only way I can change the owner is to go into linux and use the chown
command.
After that its set to the correct user and all is well... Except by doing it
by hand kinda rains on my lovely automatic user creation script!
Samba.log file shows me no errors, as do any of the others. If there a
switch/option I need to enable?
Below is smb.conf
Im running RHES3, Samba 3.0.14a and Windows 2k3 AD in mixed Mode.
Many thanks
Ross
[global]
netbios name = DEV1
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
workgroup = DEV-DOMAIN
log file = /var/log/samba/samba.log
os level = 20
ldap idmap suffix = ou=auth1,dc=dev-domain,dc=stvincent,dc=ac,dc=uk
winbind enum groups = yes
# socket address = 1.2.3.4 <- Change this to match the IP address or
remove it to listen to all addresses.
password server = auth1.DEV-DOMAIN.STVINCENT.AC.UK
preferred master = no
winbind separator = +
winbind use default domain = yes
max log size = 500 <- In K
encrypt passwords = yes
dns proxy = no
realm = DEV-DOMAIN.STVINCENT.AC.UK
security = ADS
wins server = 172.16.2.254
wins proxy = no
# nt acl support = No
# Shares section
[adminshare]
comment = testshare
browseable = no
writeable = yes
guest ok = no
# valid users = Administrator
create mode = 0750
path = /home
[homes]
comment = Personal Storage Area
browseable = no
guest ok = no
writable = yes
create mode = 0750
path = /home/DEV-DOMAIN/%U
vfs object = recycle:repository=.recycle
recycle:versions=True
recycle:touch=True
recycle:keeptree=True
recycle:exclude=*.tmp|*.temp|*.o|*.obj|~$*|t*.1|t*.2|t*.3|t*.4|t*.5|t*.6|t$
recycle:exclude_dir=/tmp|/temp
recycle:noversions=*.doc|*.xls|*.ppt
More information about the samba
mailing list