[Samba] ACL changes on Samba NT 4.0 Member Server
John Drescher
drescherjm at gmail.com
Thu Nov 1 16:53:49 GMT 2007
On 11/1/07, Hans-Wilhelm Heisinger <wheisinger at semcowindows.com> wrote:
> I have a Samba 3.0.24-7 on Fedora 6 as a member of an Windows NT 4.0
> domain, with a simple share setup with ACLs. The permissions on the
> share from Windows XP Pro Security tab shows Everyone, and root (Unix
> Group\root) without any Permissions. When trying to add permissions
> from XP while logged on as CPDOM+admin the error is display "Unable to
> save permission changes on "share name" on "server name" Access is
> denied. Files can be copied to the share but can't be opened. Below is
> the smb.conf. I believe ACLs would work if I add access. I tried
> setting the ACLs using setfacl and then the permissions show full
> control from XP, but I'm still unable to change permissions or open files.
>
> [global]
>
> winbind separator = +
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = no
>
> security = domain
> workgroup = CPDOM
> netbios name = FILE_SRV
> password server = XSERVER
> server string =
>
>
> [data]
> comment = FILES
> path = /files
> guest ok = yes
> create mask = 0777
> writeable = yes
> nt acl support = yes
> oplocks = no
> browseable = yes
> dos filemode = yes
> admin users =
>
Your smb.conf file looks fine. Can CPDOM+admin log into the unix
system and create files? You are mounting your unix filesystem with
acls enabled? Also can you post an ls -al on /files
More information about the samba
mailing list