[Samba] Samba + ADS - Filepermissions home directories
Mona Meyer
meymona at gmail.com
Wed Jul 15 10:47:58 MDT 2009
I configured winbind, samba and pam.d to authenticate via our Windows Active
Directory Server.
Everything works fine, I can log on to the system using my Windows Account
credentials, I am also able to access the samba home share, but I have no
write permissions there.
What I don't get is: When I give read-write-access to everybody (chmod 777
/home/%USER%), I am able to create and delete files. If I than create a new
file (via the network share), the file is created by the owner of
/home/%USER%. But If the system identifies myself as the owner, why was I
not able to create the file before changig the file permissions?
/etc/samba/smb.conf
[global]
workgroup = WORKGROUP
realm = INT.WORKGROUP.COM
server string = %h
security = ADS
winbind separator = +
winbind cache time = 10
password server = 192.168.1.1
encrypt passwords = yes
client use spnego = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /home/%U
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
[homes]
comment = Home Directories
browseable = no
read only = no
create mask = 0700
directory mask = 0700
valid users = WORKGROUP+%S
after chmod 777:
debian:/home/USER# ls -la
-rwx------ 1 USER domain-user 0 15. Jul 16:45 test
More information about the samba
mailing list