[Samba] Windows ACL Wonkiness

Travis Brackett tbrackett at midcoforklift.com
Thu Apr 9 23:56:07 GMT 2009


Hi there

 

I've got a PowerMac G4 PPC running Debian Lenny and Samba.  It's hooked
up to a Windows 2003 domain just fine, winbind, krb5 working great.  The
problem is with ACL emulation.  I have ACL enabled in my filesystem, and
some things work but others don't.  Also to add to the frustration I
have another server with the exact same smb.conf and very similar
configuration that works fine and I can't figure out where the problem
is.

 

For instance:  I can add a user to the ACL and change their permissions,
but I CANNOT mess with the default permissions.  If I clear the
permissions on "Everyone" it just forgets the changes as soon as I
apply.

If I add a user, I can switch between read only and full control, but I
can't remove their permission entirely.

 

I know nothing about UNIX permissions so I can't tell you much about
that side of things, my apologies.

 

None of the log files indicate anything I can read as useful or relevant
to this problem.

 

Smb.conf

[global]

        workgroup = MYDOMAIN

        realm = MYDOMAIN.LOCAL

        server string = Samba file and print server

        security = ADS

        log level = 3

        log file = /var/log/samba/%m

        max log size = 50

        printcap name = cups

        preferred master = No

        idmap uid = 10000-20000

        idmap gid = 10000-20000

        winbind separator = +

        winbind enum users = Yes

        winbind enum groups = Yes

        printing = cups

        print command = 

        lpq command = %p

        lprm command = 

 

[printers]

        comment = All Printers

        guest ok = Yes

        printable = Yes

        browseable = No

        available = No

 

[music]

        path = /home/music

        valid users = "@MYDOMAIN+domain users"

        admin users = "@MYDOMAIN+domain admins"

        read only = No

 

Please help

 

Travis Brackett



More information about the samba mailing list