[Samba] can't remove groups in AD

Martin Hauptmann m.hauptmann at web.de
Thu Nov 1 08:54:05 GMT 2007


I can see, change and set any permissions with getfacl/setfacl.

I can see these permissions in Windows but cannot change some of the
properties. For example I cannot set full access rights for other groups
even if I am the owner of the directory/file. The changes are being
silently ignored. I can (un)check the properties and accept the changes,
but these changes do not take place when I review the properties in
windows or getfacl.

Martin

Jordan Keyes schrieb:
> Martin,
>
> What command exactly are you trying to run to remove the permissions for the
> group "Everyone"?
>
>
> Jordan
>
> -----Original Message-----
> From: samba-bounces+jordan.keyes=foamdesign.com at lists.samba.org
> [mailto:samba-bounces+jordan.keyes=foamdesign.com at lists.samba.org] On Behalf
> Of Martin Hauptmann
> Sent: Tuesday, October 30, 2007 12:03 PM
> To: samba at lists.samba.org
> Subject: Re: [Samba] can't remove groups in AD
>
> This problem is really annoying, I cannot use security groups but I need
> to do that.
>
> Please tell me if you need more information. I am using Samba since 2001
> and never had that kind of trouble.
>
> The system is an ubuntu 7.10 server with an amd64-kernel.
>
> I am ready to offer any available information, including log (I do not
> see error/failure/warning-messages when using log level 4) and any
> configurations.
>
> Thank you in advance!
>
> Martin
>
>
> Martin Hauptmann schrieb:
>   
>> Hi,
>>
>> I set up a samba 3.0.26a as an ads-member of a windows 2003 Small
>> Business Server.
>> Every windows user in the domain can read and write their files,
>> everyone's happy.
>> My Problem is, that I cannot set up security groups in the AD. When I
>> try, I do not get an error message, but my changes are being silently
>> ignored.
>> I cannot set rights exceeding read,write, execute and owner.
>> E.g. I cannot remove the group 'everyone' from the file access list.
>> When I do and confirm I do not get an error message, but when I review
>> the settings, nothing has changed, 'everyone' is still in the list.
>> It is the same when I try to set or unset full access to files - no
>> error message, but no success.
>> I tried different settings concerning heritage, but that did not help.
>>
>> There are some other postings in the mailing list that sound quite
>> similar, related to versions >3.0.25. Maybe there is a bug in these
>> versions?
>>
>> My smb.conf: http://www.pastebin.ca/753491
>>
>> Regards
>>
>> Martin
>>   
>>     
>
>   



More information about the samba mailing list