[Samba] ACL changes on Samba NT 4.0 Member Server

Hans-Wilhelm Heisinger wheisinger at semcowindows.com
Fri Nov 2 11:35:25 GMT 2007 

I'm not really sure what I'm looking for or which log file the error 
would present it's self in.  Anyways below is a my "shot in the dark"

[2007/11/02 06:13:29, 5] rpc_parse/parse_prs.c:prs_ntstatus(763)
      0018 status: NT_STATUS_OK
[2007/11/02 06:13:29, 10] nsswitch/winbindd_rpc.c:sequence_number(848)
  domain_sequence_number: for domain CPDOM is 29539
[2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
  store_cache_seqnum: success [CPDOM][29539 @ 1194002009]
[2007/11/02 06:13:29, 10] 
nsswitch/winbindd_cache.c:refresh_sequence_number(459)
  refresh_sequence_number: CPDOM seq number is now 29539
[2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:centry_expired(501)
  centry_expired: Key TRUSTDOMS/CPDOM for domain CPDOM is good.
[2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:wcache_fetch(588)
  wcache_fetch: returning entry TRUSTDOMS/CPDOM for domain CPDOM
[2007/11/02 06:13:29, 10] nsswitch/winbindd_cache.c:trusted_domains(1741)
  trusted_domains: [Cached] - cached info for domain CPDOM (2 trusts) 
status: NT_STATUS_OK
[2007/11/02 06:13:29, 10] 
nsswitch/winbindd_cache.c:cache_store_response(1966)
  Storing response for pid 2464, len 3337
[2007/11/02 06:13:29, 10] 
nsswitch/winbindd_cache.c:cache_store_response(1980)
  Storing extra data: len=97
[2007/11/02 06:13:35, 4] nsswitch/winbindd_dual.c:fork_domain_child(809)
  child daemon request 13
[2007/11/02 06:13:35, 10] 
nsswitch/winbindd_dual.c:child_process_request(395)
  process_request: request fn AUTH_CRAP
[2007/11/02 06:13:35, 3] 
nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1460)
  [ 2453]: pam auth crap domain: CPDOM user: ADMIN
[2007/11/02 06:13:35, 8] lib/util.c:is_myname(2065)
  is_myname("CPDOM") returns 0
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(148)
      sequence = 0x472b046c
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(150)
      seed:        6A478DD1D50C5B54
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(155)
      seed+seq   D64BB818D50C5B54
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(159)
      CLIENT      39C2447FE6E06DDE
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(164)
      seed+seq+1   D74BB818D50C5B54
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_step(168)
      SERVER      AFDE89BB3E2F0393
[2007/11/02 06:13:35, 5] libsmb/credentials.c:creds_reseed(238)
  cred_reseed: seed D74BB818D50C5B54




John Drescher wrote:
> On 11/1/07, Hans-Wilhelm Heisinger <wheisinger at semcowindows.com> wrote:
>   
>>  John,
>>
>>      Thank you for the reply. Below is the output from mount and ls -al.
>> Yes I can login as CPDOM+admin and create files, but connecting to the share
>> as CPDOM+admin doesn't work.
>>
>>  Hans
>>
>>  [root at localhost ~]# mount
>>  /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
>>  proc on /proc type proc (rw)
>>  sysfs on /sys type sysfs (rw)
>>  devpts on /dev/pts type devpts (rw,gid=5,mode=620)
>>  /dev/hda1 on /boot type ext3 (rw,acl)
>>  tmpfs on /dev/shm type tmpfs (rw)
>>  none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>  sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
>>
>>  [root at localhost ~]# ls -al /files
>>  total 5196
>>  drwxrwxrwx  3 root root    4096 Nov  1 10:17 .
>>  drwxr-xr-x 26 root root    4096 Nov  1 05:25 ..
>>  -rwxrw-rw-  1 root root     413 Feb 24  2006 AS400.WS
>>  -rwxrw-rw-  1 root root     398 Jul 27 14:13 dnsb.txt
>>  -rwxrw-rw-  1 root root 3100432 May 22  2006 Dsclient.exe
>>  drwxrwxrwx  2 root root    4096 Apr  7  2005 Fonts
>>  -rwxrw-rw-  1 root root    1411 Aug 15 08:09 hans.txt
>>  -rwxrw-rw-  1 root root   61440 Sep 14 08:57 IDTag.exe
>>  -rwxrw-rw-  1 root root  262727 Apr 21  2003 keyfinder.exe
>>  -rwxrw-rw-  1 root root   25088 Mar 22  2007 Label6x4 layout with text.doc
>>  -rwxrw-rw-  1 root root   60416 Jun  6 09:41 Label proposal II.xls
>>  -rwxrw-rw-  1 root root   90112 May  9  2006 OfficeTime.exe
>>  -rwxrw-rw-  1 root root     317 Jul  3 07:51 OutputsLisec.txt
>>  -rwxrw-rw-  1 root root  173231 May  4  1999 REPLICA.HLP
>>  -rwxrw-rw-  1 root root    1101 Apr 25  2005 Salesreport.dtf
>>  -rw-rw-rw-  1 root root     481 Nov  1 08:42 smb.conf
>>  -rwxrw-rw-  1 root root   69632 Mar  4  2004 system.mdw
>>  -rwxrw-rw-  1 root root  491008 May 10 13:20 TSClient.doc
>>  -rwxrw-rw-  1 root root  782848 Jun 30  2006 WIP LOCATIONS.xls
>>  -rwxrw-rw-  1 root root    5632 Aug  4  2004 wmi.dll
>>  -rwxrw-rw-  1 root root   16930 May 31  1994 XCOPY.EXE
>>
>>
>>
>>
>>     
>
> It is possible the problem is that the owner and group of the share
> are both root. I never do that for any of my working samba shares. The
> owner can be a user or possibly root but the group is always a group
> that the users I want to change acls. I see from the docs that dos
> filemode is supposed to fix that so maybe this is not the case.
>
> Can you set a log level of 10 and see if there are any errors caused
> when you try to change the acls?
>
> John
>

More information about the samba mailing list