[Samba] Using write list with winbind
wjohnson at mqsoftware.com
Tue Sep 25 13:29:55 GMT 2007
I'm a bit confused. We're a hybrid shop with servers of many flavors and many PC workstations. We've set samba up with security=adm. User access is authenticated by our ADS system.
We recently migrated to a new samba server. The Samba domain was properly joined to the domain and everything seemed to be working fine. We had a share on the old server like this:
comment = Common ground for developers
path = /common
public = yes
read only = yes
write list = @developers, at support, at qa,devbuild
create mask = 02775
This basically gave our R&D group write access to the share and read-only to everyone else. We migrated this directly to the new server but none of the users on the new server could get write access as the write list parameter should have done.
Turns out that when we installed the new samba, we had started winbind. After about 8 hours of scratching our heads (and other parts) we found that by turning winbindd off, that proper write access to these shares would come back.
My question is why the write list didn't seem to work while winbind was running? Should the write list had domain user type names (i.e. MQSOFTWARE\developers)?
Thanks in advance.
Senior Software Engineer
1660 S Highway 100
Minneapolis, MN 55416
More information about the samba