[Samba] Need help: Centos 5, Samba as file server + ACL for WORKGROUP

notinh notien notinhnotien7 at hotmail.com
Fri May 25 01:31:31 GMT 2007

Hi, all.  I could not add any additional users to a file or directory using 
the Windows Security tab in Windows XP Sp2.  Here is my configuration for 

# grep ACL config-2.6.18-8.el5

# smbd -b | grep ACL

# cat /etc/fstab
/dev/VolGroup00/LogVol00            /    ext3    defaults,acl,user_xattr     
    1 1

/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw,acl,user_xattr)

#getfacl /storage/Engineers/abc.txt
getfacl: Removing leading '/' from absolute path names
# file: storage/Engineers/abc.txt
# owner: nntien
# group: Engineers

[root at filer Engineers]# id mly
uid=501(mly) gid=501(mly) 
[root at filer Engineers]# id nntien
uid=500(nntien) gid=500(nntien) groups=500(nntien),5000(Engineers)

# cat /etc/samba/smbpasswd

My samba server has local ip as and here is my smb.conf file:

        workgroup = BEEINC
        server string = FILER TEST Server
        passdb backend = smbpasswd:/etc/samba/smbpasswd
        lanman auth = No
        client NTLMv2 auth = Yes
        client lanman auth = No
        client plaintext auth = No
        log file = /var/log/samba/%m.log
        max log size = 50
        deadtime = 15
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        admin users = mly
        force create mode = 0660
        force directory mode = 0770

        path = /storage/Engineers
        read only = No
        security mask = 0770
        force security mode = 0770
        directory security mask = 0770
        force directory security mode = 0770
        inherit permissions = Yes
        inherit acls = Yes
        follow symlinks = No

When I accessed this Engineers share from Windows XP with nntien account, I 
was able to create new files and directories.  When it came to add 
additional user to the ACL, I used Windows Security tab to add but I could 
not. At times, a pop up windows prompted for user name and password, I 
entered root and root's passowrd.  After that I enter user name as mly into 
the field, or mly at or anything suggested but I always got the 
error message of: "An object named "mly" cannot be found. I tried other 
users that are not in the same owner group of this folder too but nothing 

ls -lhat
total 32K
drwxrws--- 10 nntien Engineers     4.0K May 24 10:14 Engineers

-rwxrwx---   1 nntien Engineers    7 May 23 11:37 abc.txt

I still could add new user in Linux:
[root at filer Engineers]# setfacl -m user:hmtien:rx abc.txt
[root at filer Engineers]# getfacl abc.txt
# file: abc.txt
# owner: nntien
# group: Engineers

# id hmtien
uid=502(hmtien) gid=502(hmtien) groups=502(hmtien),7000(Manufacturing)

When I opened the Windows Security tab in Windows Explorer, I saw this new 
entry set correctly there.  I really do not want to use the command line to 
do this anytime a new entry needs to be included.

Could somebody here tell me how I should go about adding more entries using 
Windows Security tab?  What did I miss for my configuration?  What could be 

Thank you very much for your helps.

Express yourself instantly with MSN Messenger! Download today it's FREE! 

More information about the samba mailing list