[Samba] Samba 3 and Windows ACL Editor

Hervé Hénoch h.henoch at isc84.org
Thu Feb 7 16:57:30 GMT 2008 

Hello,

I have installed  a Samba 3.0.24 with LDAP.

I have the following problem when I want to run the XP ACL Editor on a 
file in shared directory, I always have the same reponse : it can't 
write authorization changes. Acces denied.

The directory involved is a local directory /home/samba/partage and it 
have the following rigths : 0777

Here is my smb.conf :[global]

workgroup = sc
netbios name = vssamba
netbios aliases = ssc001
server string = Samba-LDAP PDC Server
hosts allow = 172.18. 192.168. 127. 172.20.

security = user
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
os level = 255

passdb backend = ldapsam:ldap://172.18.0.8/
ldap passwd sync = yes
# unix password sync = yes
# passwd program = /usr/sbin/smbldap-passwd ?u %u
ldap admin dn = cn=admin,dc=isc84,dc=org
ldap delete dn = yes
ldap suffix = ou=samba,dc=isc84,dc=org
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Machines
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
enable privileges = yes


socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
case sensitive = no
default case = lower
preserve case = yes
short preserve case = yes
#character set = iso8859-1
 nt acl support = yes

dns proxy = no
wins support = yes

log file = /var/log/samba/%m.log
log level = 1
max log size = 0

logon home =
logon path =
logon script = %U.bat

time server = yes

[netlogon]
        comment = Network Logon Service
        path = /mnt/samba/netlogon/users
        admin users = administrateur
        read only = No
        create mask = 0777
        directory mask = 0777
        preexec = /bin/echo "N L %u , %H connected to %S from %m (%I)" 
 >>/var/log/samba/connext.log
        root preexec = /mnt/samba/netlogon/netlogon.pl %u %m

[partage]
        comment = Partage temporaire general
        path = /mnt/samba/partage
        read only = No
        create mask = 0777
        directory mask = 0777
        guest ok = Yes

More information about the samba mailing list