[Samba] ACL changes on Samba NT 4.0 Member Server
Hans-Wilhelm Heisinger
wheisinger at semcowindows.com
Thu Nov 1 18:17:29 GMT 2007
John,
Thank you for the reply. Below is the output from mount and ls -al.
Yes I can login as CPDOM+admin and create files, but connecting to the
share as CPDOM+admin doesn't work.
Hans
[root at localhost ~]# mount
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/hda1 on /boot type ext3 (rw,acl)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
[root at localhost ~]# ls -al /files
total 5196
drwxrwxrwx 3 root root 4096 Nov 1 10:17 .
drwxr-xr-x 26 root root 4096 Nov 1 05:25 ..
-rwxrw-rw- 1 root root 413 Feb 24 2006 AS400.WS
-rwxrw-rw- 1 root root 398 Jul 27 14:13 dnsb.txt
-rwxrw-rw- 1 root root 3100432 May 22 2006 Dsclient.exe
drwxrwxrwx 2 root root 4096 Apr 7 2005 Fonts
-rwxrw-rw- 1 root root 1411 Aug 15 08:09 hans.txt
-rwxrw-rw- 1 root root 61440 Sep 14 08:57 IDTag.exe
-rwxrw-rw- 1 root root 262727 Apr 21 2003 keyfinder.exe
-rwxrw-rw- 1 root root 25088 Mar 22 2007 Label6x4 layout with text.doc
-rwxrw-rw- 1 root root 60416 Jun 6 09:41 Label proposal II.xls
-rwxrw-rw- 1 root root 90112 May 9 2006 OfficeTime.exe
-rwxrw-rw- 1 root root 317 Jul 3 07:51 OutputsLisec.txt
-rwxrw-rw- 1 root root 173231 May 4 1999 REPLICA.HLP
-rwxrw-rw- 1 root root 1101 Apr 25 2005 Salesreport.dtf
-rw-rw-rw- 1 root root 481 Nov 1 08:42 smb.conf
-rwxrw-rw- 1 root root 69632 Mar 4 2004 system.mdw
-rwxrw-rw- 1 root root 491008 May 10 13:20 TSClient.doc
-rwxrw-rw- 1 root root 782848 Jun 30 2006 WIP LOCATIONS.xls
-rwxrw-rw- 1 root root 5632 Aug 4 2004 wmi.dll
-rwxrw-rw- 1 root root 16930 May 31 1994 XCOPY.EXE
John Drescher wrote:
> On 11/1/07, Hans-Wilhelm Heisinger <wheisinger at semcowindows.com> wrote:
>
>> I have a Samba 3.0.24-7 on Fedora 6 as a member of an Windows NT 4.0
>> domain, with a simple share setup with ACLs. The permissions on the
>> share from Windows XP Pro Security tab shows Everyone, and root (Unix
>> Group\root) without any Permissions. When trying to add permissions
>> from XP while logged on as CPDOM+admin the error is display "Unable to
>> save permission changes on "share name" on "server name" Access is
>> denied. Files can be copied to the share but can't be opened. Below is
>> the smb.conf. I believe ACLs would work if I add access. I tried
>> setting the ACLs using setfacl and then the permissions show full
>> control from XP, but I'm still unable to change permissions or open files.
>>
>> [global]
>>
>> winbind separator = +
>> idmap uid = 10000-20000
>> idmap gid = 10000-20000
>> winbind enum users = yes
>> winbind enum groups = yes
>> winbind use default domain = no
>>
>> security = domain
>> workgroup = CPDOM
>> netbios name = FILE_SRV
>> password server = XSERVER
>> server string =
>>
>>
>> [data]
>> comment = FILES
>> path = /files
>> guest ok = yes
>> create mask = 0777
>> writeable = yes
>> nt acl support = yes
>> oplocks = no
>> browseable = yes
>> dos filemode = yes
>> admin users =
>>
>>
>
> Your smb.conf file looks fine. Can CPDOM+admin log into the unix
> system and create files? You are mounting your unix filesystem with
> acls enabled? Also can you post an ls -al on /files
>
More information about the samba
mailing list